CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,016 vulnerabilities with CWE-119
CVE-2011-3874
Android <2.2.2 & 2.3.6 - Buffer Overflow
CVE-2011-4134
Flexera FlexNet Publisher <11.10 - Buffer Overflow
CVE-2011-2776
Super 3.30.0 - Buffer Overflow in Error Function via Syslog Logging
CVE-2011-4789
HP Diagnostics - Memory Corruption
CVE-2011-5059
Finaldraft - Memory Corruption
CVE-2011-4529
Siemens Automation License Manager < 5.1 - Remote Code Execution via Long SerialID in License Key Command
CVE-2011-4870
Invensys Wonderware InBatch 8.1 SP1-9.5 - Remote Code Execution via ActiveX Control Buffer Overflow
CVE-2011-4055
Siemens Tecnomatix FactoryLink <8.0.2.54 - RCE
CVE-2011-5052
CoCSoft Stream Down 6.8.0 - Stack-Based Buffer Overflow via Long Download Response
CVE-2011-4620
PLIB 1.8.5 - Buffer Overflow in ulSetError Function
CVE-2011-5033
ConfigServer Security & Firewall < 5.43 - Stack-Based Buffer Overflow via Admin List File
CVE-2011-4537
7t IGSS < 9.0.0.11355 - Remote Code Execution via Crafted Packet to TCP Port 12397 or 12399
CVE-2011-4536
WellinTech KingView 6.53 and 65.30.2010.18018 - Remote Code Execution via Crafted Op-Code 3 Packet
CVE-2011-4167
HP Managed Printing Administration <2.6.4 - Buffer Overflow
CVE-2011-4050
7T IGSS 9.0.0.11200 - Buffer Overflow
CVE-2011-5012
Attachmate Reflection - Heap-based Buffer Overflow via Long Directory Name in FTP LIST Response
CVE-2011-5007
3S CoDeSys < 3.4 - Remote Code Execution via Long URI to CmpWebServer
CVE-2011-5006
QQPlayer 3.2.845 - Stack-based Buffer Overflow via MOV File PnSize Value
CVE-2011-5003
Avid Media Composer < 5.5.3 - Remote Code Execution via Phonetic Indexer Long Request
CVE-2011-5002
Finaldraft < 8.01 - Memory Corruption
CVE-2011-5001
Trend Micro Control Manager < 5.5 - Remote Code Execution via Crafted IPC Packet
CVE-2011-2778
Tor < 0.2.2.35 - Remote Code Execution via SOCKS Connection
CVE-2011-4037
Sielco Sistemi Winlog <2.07.09 - Buffer Overflow
CVE-2011-4857
Winamp < 5.623 - Remote Code Execution via Crafted IT File Song Message Data
CVE-2011-3406 HIGH
Microsoft Windows Active Directory - Remote Code Execution via Crafted Query
CVSS 8.8
Details
Vulnerabilities 14,016
Exploit Likelihood High