CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,020 vulnerabilities with CWE-119
CVE-2011-1453
Safari < 5.0.6 - Remote Code Execution via Memory Corruption
CVE-2011-1288
Apple Safari < 5.0.6 - Remote Code Execution via Crafted Web Site
CVE-2011-0255
Safari < 5.0.6 - Remote Code Execution via Crafted Web Site
CVE-2011-0254
Apple Safari < 5.0.6 - Remote Code Execution via Memory Corruption
CVE-2011-0253
Safari < 5.0.6 - Remote Code Execution via Memory Corruption
CVE-2011-0241
ImageIO - Heap-based Buffer Overflow via Crafted TIFF Image with CCITT Group 4 Encoding
CVE-2011-0240
Apple Safari < 5.0.6 - Remote Code Execution via Crafted Web Site
CVE-2011-0238
Safari < 5.0.6 - Remote Code Execution via WebKit Memory Corruption
CVE-2011-0237
Apple Safari < 5.0.6 - Remote Code Execution via Crafted Web Site
CVE-2011-0235
Safari < 5.0.6 - Remote Code Execution via WebKit Memory Corruption
CVE-2011-0234
Safari < 5.0.6 - Remote Code Execution via WebKit Memory Corruption
CVE-2011-0233
Safari < 5.0.6 - Remote Code Execution via WebKit Memory Corruption
CVE-2011-0232
Safari < 5.0.6 - Remote Code Execution via WebKit Memory Corruption
CVE-2011-0225
Safari < 5.0.6 - Remote Code Execution via WebKit Memory Corruption
CVE-2011-0223
Apple Safari < 5.0.6 - Remote Code Execution via Crafted Web Site
CVE-2011-0222
Safari < 5.0.6 - Remote Code Execution via WebKit Memory Corruption
CVE-2011-0221
Apple Safari < 5.0.6 - Remote Code Execution via WebKit Memory Corruption
CVE-2011-0218
Apple Safari < 5.0.6 - Remote Code Execution via Crafted Web Site
CVE-2011-1741
OpenText Hummingbird Client Connector - Buffer Overflow
CVE-2011-1331
JustSystems Ichitaro 2005-2011 - Remote Code Execution via Crafted Document
CVE-2011-0548
Symantec Mail Security 6.x-8.x - Buffer Overflow via Crafted PRZ File
CVE-2011-2692 HIGH
libpng 1.0.0-1.0.54, 1.2.0-1.2.44, 1.4.0-1.4.7, 1.5.0-1.5.3 - Memory Corruption via Invalid sCAL Chunk Handling
CVSS 8.8
CVE-2011-1223
IBM Tivoli Storage Manager < 5.4.3.4, 5.5.x < 5.5.3, 6.x < 6.1.4, 6.2.x < 6.2.2 - Local Privilege Escalation
CVE-2011-1222
IBM Tivoli Storage Manager < 5.4.3.4, 5.5.x < 5.5.3, 6.x < 6.1.4, 6.2.x < 6.2.2 - Local Privilege Escalation
CVE-2011-2220
Novell File Reporter <1.0.2.53 - Buffer Overflow
Details
Vulnerabilities 14,020
Exploit Likelihood High