CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,020 vulnerabilities with CWE-119
CVE-2011-1283
Windows XP/2003/Vista/2008 Local Privilege Escalation via CSRSS Memory Corruption
CVE-2011-1282 HIGH
Windows CSRSS - Local Privilege Escalation via Memory Initialization Flaw
CVSS 8.4
CVE-2011-1281
Microsoft Windows - Local Privilege Escalation via CSRSS Console Object Allocation
CVE-2011-1867
HP Intelligent Management Center <5.0 - RCE
CVE-2011-1931
FFmpeg < 0.6.3 and libav <= 0.6.2 - Memory Corruption via Malformed AMV File
CVE-2011-1336
ALZip <8.21 - Remote Code Execution
CVE-2011-2529
Asterisk 1.6.x < 1.6.2.18.1 and 1.8.x < 1.8.4.3 - Memory Corruption via SIP Packet Null Byte Handling
CVE-2011-1866
HP OpenView Storage Data Protector <6.20 - Buffer Overflow
CVE-2011-1865
HP OpenView Storage Data Protector <6.20 - Buffer Overflow
CVE-2011-2377
SeaMonkey through 2.0.14 - Remote Code Execution via Multipart/x-mixed-replace Image
CVE-2011-2348
Google Chrome < 12.0.742.112 - Memory Corruption via V8 Bounds Check Bypass
CVE-2011-2347
Google Chrome < 12.0.742.112 - Memory Corruption via CSS Token Sequence Handling
CVE-2011-2193
TORQUE Resource Manager <3.0.2 - Buffer Overflow
CVE-2011-0208
Mac OS X 10.6 < 10.6.8 - Remote Code Execution via Crafted Microsoft Office Document
CVE-2011-0206
Apple Mac OS X <10.6.8 - Buffer Overflow
CVE-2011-0205
Apple Mac OS X <10.6.8 - Buffer Overflow
CVE-2011-0204
Apple Mac OS X <10.6.8 - Buffer Overflow
CVE-2011-0198
Apple Mac OS X <10.6.8 - Buffer Overflow
CVE-2011-2530
Rockwell RSLinx Classic < 2.58 & EDS Hardware Tool < 1.0.5.1 - Buffer Overflow via .eds File
CVE-2011-2128
Adobe Shockwave Player <11.6.0.626 - Memory Corruption
CVE-2011-2127
Adobe Shockwave Player <11.6.0.626 - Memory Corruption
CVE-2011-2126
Adobe Shockwave Player <11.6.0.626 - Buffer Overflow
CVE-2011-2125
Adobe Shockwave Player <11.6.0.626 - Buffer Overflow
CVE-2011-2124
Adobe Shockwave Player <11.6.0.626 - Memory Corruption
CVE-2011-2122
Adobe Shockwave Player <11.6.0.626 - Memory Corruption
Details
Vulnerabilities 14,020
Exploit Likelihood High