CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,016 vulnerabilities with CWE-119
CVE-2011-5165
Free MP3 CD Ripper <= 2.6 - Stack-based Buffer Overflow via Crafted WAV File
CVE-2011-5164
AbsoluteFTP 1.9.6-2.2.10 - Remote Code Execution via LIST Command Response
CVE-2011-5163
Mitsubishi MX4 SCADA and Schneider Electric CitectSCADA < 7.20 - Buffer Overflow via Long Login String
CVE-2011-5162
GOM Player 2.1.33.5071 - Stack-based Buffer Overflow via ASX File URI in ref href Tag
CVE-2011-5129
XChat < 2.8.9 - Heap-Based Buffer Overflow via Long Response String
CVE-2011-5124
Blue Coat ProxyOne and ProxySG - Stack-Based Buffer Overflow via Large Packet to Synchronization Port
CVE-2011-5122
Comodo Internet Security < 5.3.175888.1227 - Denial of Service via Crafted Compressed File
CVE-2011-4579
FFmpeg/Libav SVQ1 Stream DoS Vulnerability
CVE-2011-4364
FFmpeg <0.5.7-0.8.8 - Buffer Overflow
CVE-2011-4353
FFmpeg/Libav <0.5.7/0.6.4/0.7.9/0.8.8 - DoS
CVE-2011-3945
FFmpeg <0.7.12-0.8.11 & Libav <0.5.9-0.8.1 - DoS, RCE
CVE-2011-3951
FFmpeg < 0.10 & Libav < 0.5.9/0.6.6/0.7.6/0.8.1 - RCE via Crafted Stereo Stream
CVE-2011-3947
FFmpeg <0.7.12 & Libav <0.5.9 - Buffer Overflow
CVE-2011-3940
FFmpeg 0.7.x < 0.7.12 and 0.8.x < 0.8.11 - Denial of Service via Crafted NSV File
CVE-2011-3929
FFmpeg 0.7.x < 0.7.12 and 0.8.x < 0.8.11 - Denial of Service via Crafted DV File
CVE-2011-0524
gypsy 0.8 - Denial of Service via NMEA Parser Buffer Overflow
CVE-2011-3174
Novell ZENworks Configuration Management 10.2-11 SP1 - Buffer Overflow via ISGrid.Grid2.1 ActiveX
CVE-2011-3149
linux-pam < 1.1.5 - Denial of Service via Environment Variable Expansion Overflow
CVE-2011-3148
linux-pam < 1.1.5 - Stack-based Buffer Overflow in pam_env.c
CVE-2011-2199
tftp-hpa < 5.0 - Buffer Overflow via utimeout Option
CVE-2011-5096
Avaya Aura Application Server 5300 <1.0.2/2.0<PB10 - Stack Overflow via cs_anams
CVE-2011-4086
Linux Kernel < 3.3.1 - Denial of Service via Journal Buffer Head State Mismanagement
CVE-2011-1477
Linux Kernel < 2.6.39 - Privilege Escalation via OSS Opl3 Array Index Error
CVE-2011-4599
International Components for Unicode < 49.1 - Stack-Based Buffer Overflow in Locale ID Canonicalization
CVE-2011-2212
qemu < 0.14.0 - Buffer Overflow in Virtio Subsystem via Indirect Descriptor
Details
Vulnerabilities 14,016
Exploit Likelihood High