CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,015 vulnerabilities with CWE-119
CVE-2012-0775
Adobe Reader/Acrobat <9.5.1, <10.1.3 - Code Injection
CVE-2012-0177
Microsoft Office Works File Converter - Heap-Based Buffer Overflow via Crafted WPS File
CVE-2012-0725
Adobe Flash Player <11.2.202.229 - Memory Corruption
CVE-2012-0724
Adobe Flash Player <11.2.202.229 - Memory Corruption
CVE-2012-0255
Quagga < 0.99.20.1 - Denial of Service via Malformed AS4 Capability in BGP OPEN Message
CVE-2012-0250
Quagga <0.99.20.1 - Buffer Overflow
CVE-2012-0249
Quagga <0.99.20.1 - Buffer Overflow
CVE-2012-1337
Cisco WebEx Recording Format Player 27.11.0-27.11.26 - Buffer Overflow via Crafted WRF File
CVE-2012-1336
Cisco WebEx T27 Player Remote Code Execution via Crafted WRF File
CVE-2012-1335
Cisco WebEx Recording Format Player 27.11.0-27.11.25 - Buffer Overflow via Crafted WRF File
CVE-2012-0258
Wonderware System Platform - Buffer Overflow
CVE-2012-0257
Wonderware System Platform - Buffer Overflow
CVE-2012-0222
Rockwell Automation FactoryTalk CPR9-SR5 and RSLogix 5000 17-20 - Denial of Service via Crafted Packet
CVE-2012-0772
Adobe Flash Player <10.3.183.18 & <11.2.202.228 - Memory Corruption
CVE-2012-1904
RealPlayer < 15.0.0 - Denial of Service via Crafted MP4 File
CVE-2012-0256
Apache Traffic Server <3.0.4-3.1.3 - DoS
CVE-2012-1836
InspIRCd 2.0.5 - Remote Code Execution via Crafted DNS Query
CVE-2012-1181
Apache mod_fcgid 2.3.6 - Denial of Service via FcgidMaxProcessesPerClass Directive Bypass
CVE-2012-1465
NetMechanica NetDecision < 4.5.1 - Denial of Service via Long URL
CVE-2012-1776
VLC media player < 2.0.1 - Remote Code Execution via Crafted Real RTSP Stream
CVE-2012-1775
VLC media player < 2.0.1 - Remote Code Execution via Crafted MMS Stream
CVE-2012-1510
VMware ESX/ESXi 4.0-5.0 and View < 4.6.0 - Buffer Overflow in WDDM Display Driver
CVE-2012-1509
VMware View < 4.6.0 - Buffer Overflow in XPDM Display Driver
CVE-2012-0231
GE Intelligent Platforms Proficy Plant Applications <= 5.0 - Remote Code Execution via Crafted TCP Session
CVE-2012-0230
GE Intelligent Platforms Proficy Plant Applications <= 5.0 - Remote Code Execution via Crafted TCP Session
Details
Vulnerabilities 14,015
Exploit Likelihood High