CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,027 vulnerabilities with CWE-119
CVE-2010-4091
Adobe Reader and Acrobat - Remote Code Execution via Crafted PDF Document
CVE-2010-3637
Adobe Flash Player < 9.0.289.0 and 10.x < 10.1.102.64 - Remote Code Execution via Crafted FLV Video
CVE-2010-1523
Winamp < 5.59 Beta build 3033 - Remote Code Execution via Crafted VP6 Video File
CVE-2010-3846
CVS 1.11.23 - Heap-Based Buffer Overflow via Crafted RCS Delta Fragment Changes
CVE-2010-2583
SonicWALL SSL-VPN ActiveX <10.5.2 Stack Overflow via Install3rdPartyComponent
CVE-2010-4142
DATAC RealWin <= 2.0 Build 6.1.8.10 - Stack-Based Buffer Overflow via Long SCPC Packet
CVE-2010-4090
Adobe Shockwave Player < 11.5.9.615 - Remote Code Execution via Memory Corruption
CVE-2010-4089
Adobe Shockwave Player < 11.5.9.615 - Remote Code Execution via Duplicated LCSM Entries in mmap Record
CVE-2010-4088
Adobe Shockwave Player < 11.5.9.615 - Remote Code Execution via DIR File KEY Chunk Reference
CVE-2010-4087
Adobe Shockwave Player < 11.5.9.615 - Remote Code Execution via Crafted mmap Record in .dir File
CVE-2010-4086
Adobe Shockwave Player < 11.5.9.615 - Remote Code Execution via Crafted Director File
CVE-2010-4085
Adobe Shockwave Player < 11.5.9.615 - Remote Code Execution via Memory Corruption
CVE-2010-4084
Adobe Shockwave Player < 11.5.9.615 - Remote Code Execution via Memory Corruption
CVE-2010-3655
Adobe Shockwave Player < 11.5.9.615 - Remote Code Execution via Stack-Based Buffer Overflow
CVE-2010-3654
Adobe Flash Player
CVE-2010-3036
CiscoWorks Common Services - Remote Code Execution via Authentication Buffer Overflow
CVE-2010-2582
Adobe Shockwave Player < 11.5.9.615 - Remote Code Execution via DEMX Chunk Processing
CVE-2010-2581
Adobe Shockwave Player < 11.5.9.615 - Remote Code Execution via Crafted Pamm Chunk
CVE-2010-3765 CRITICAL KEV
Mozilla Firefox 3.5.x-3.5.14 and 3.6.x-3.6.11 - Remote Code Execution via nsCSSFrameConstructor
CVSS 9.8
CVE-2010-2891
libsmi 0.4.8 - Buffer Overflow via Long OID String
CVE-2010-3227
Microsoft MFC Library - Buffer Overflow
CVE-2010-2585
RealPage Module Upload ActiveX Control - Buffer Overflow via DestURL or SourceFile Property
CVE-2010-3653
Adobe Shockwave Player < 11.5.9.615 - Remote Code Execution via Crafted rcsL Chunk
CVE-2010-4069
IBM Informix Dynamic Server Buffer Overflow via DBINFO Keyword Arguments
CVE-2010-4054
Ghostscript - Denial of Service via Crafted Font Data in Compressed Stream
Details
Vulnerabilities 14,027
Exploit Likelihood High