CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,020 vulnerabilities with CWE-119
CVE-2010-3787
Apple Mac OS X 10.6.x - Heap-Based Buffer Overflow via Crafted JP2 Image
CVE-2010-3786
macOS X 10.6.x < 10.6.5 - Remote Code Execution via Crafted Excel File
CVE-2010-3785
Apple Mac OS X 10.5.8 and 10.6.x < 10.6.5 - Remote Code Execution via Crafted Microsoft Office Document
CVE-2010-1846
Mac OS X 10.5.8 and 10.6.x < 10.6.5 - Remote Code Execution via Crafted RAW Image
CVE-2010-1842
Mac OS X 10.6.x < 10.6.5 - Remote Code Execution via Bidirectional Text String with Ellipsis Truncation
CVE-2010-1840
Apple Mac OS X 10.5.8 and 10.6.x < 10.6.5 - Remote Code Execution via Directory Services Password Validation
CVE-2010-1837
CoreText in Mac OS X 10.5.8 and 10.6.x < 10.6.5 - Remote Code Execution via Crafted Font in PDF
CVE-2010-1836
Apple Mac OS X 10.5.8 and 10.6.x < 10.6.5 - Remote Code Execution via Crafted PDF Document
CVE-2010-1833
Apple Mac OS X 10.6.x < 10.6.5 - Remote Code Execution via Crafted Embedded Font
CVE-2010-1832
Apple Mac OS X 10.5.8 and 10.6.x < 10.6.5 - Remote Code Execution via Crafted Embedded Font
CVE-2010-1831
Apple Mac OS X 10.5.8 and 10.6.x < 10.6.5 - Remote Code Execution via Embedded Font Name
CVE-2010-3894
IBM OmniFind Enterprise Edition < 8.5 FP6 - Stack-based Buffer Overflow via Long Password
CVE-2010-3336
Microsoft Office XP SP3, Office 2004/2008/2011 for Mac - Remote Code Execution via Crafted Document
CVE-2010-3335
Microsoft Office - Memory Corruption
CVE-2010-3334
Microsoft Office - Remote Code Execution via Crafted Office Art Drawing Records
CVE-2010-4221
ProFTPD - Stack-Based Buffer Overflow via TELNET IAC Escape Character
CVE-2010-4216
IBM Tivoli Directory Server 6.0.0.x - Denial of Service via LDAP BER Request Buffer Handling
CVE-2010-3040
Cisco Intelligent Contact Manager < 7.0 - Remote Code Execution via Long TCP Packet Parameter
CVE-2010-4091
Adobe Reader and Acrobat - Remote Code Execution via Crafted PDF Document
CVE-2010-3637
Adobe Flash Player < 9.0.289.0 and 10.x < 10.1.102.64 - Remote Code Execution via Crafted FLV Video
CVE-2010-1523
Winamp < 5.59 Beta build 3033 - Remote Code Execution via Crafted VP6 Video File
CVE-2010-3846
CVS 1.11.23 - Heap-Based Buffer Overflow via Crafted RCS Delta Fragment Changes
CVE-2010-2583
SonicWALL SSL-VPN ActiveX <10.5.2 Stack Overflow via Install3rdPartyComponent
CVE-2010-4142
DATAC RealWin <= 2.0 Build 6.1.8.10 - Stack-Based Buffer Overflow via Long SCPC Packet
CVE-2010-4090
Adobe Shockwave Player < 11.5.9.615 - Remote Code Execution via Memory Corruption
Details
Vulnerabilities 14,020
Exploit Likelihood High