CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,027 vulnerabilities with CWE-119
CVE-2010-3109
Novell iPrint Client <5.42 - Buffer Overflow
CVE-2010-3108
Novell iPrint < 5.42 - Remote Code Execution via EMBED Element Parameter
CVE-2010-3105
Novell iPrint < 5.44 - Remote Code Execution via Uninitialized Pointer in PluginGetDriverFile
CVE-2010-1527
Novell iPrint Client <5.44 - Buffer Overflow
CVE-2010-3064
PHP 5.3-5.3.2 - Stack-Based Buffer Overflow in Mysqlnd Extension via Long Username or Database Name
CVE-2010-3063
PHP 5.3-5.3.2 - Heap-Based Buffer Overflow in php_mysqlnd_read_error_from_line
CVE-2010-3059
IBM Tivoli Storage Manager <5.5.7,6.1.0.0 - Buffer Overflow
CVE-2010-2810
Lynx 2.8.8dev.1-2.8.8dev.4 - Heap-Based Buffer Overflow via Malformed URL Domain Name
CVE-2010-3031
Wyse ThinOS HF 4.4.079i - Buffer Overflow via LPD Service
CVE-2010-1524
Autonomy KeyView 10.4 and 10.9 - Remote Code Execution via SpreadSheet Lotus 123 Reader
CVE-2010-0135
Autonomy KeyView 10.4 and 10.9 - Heap-Based Buffer Overflow in WordPerfect 5.x Reader
CVE-2010-0133
Autonomy KeyView 10.4 and 10.9 - Stack-Based Buffer Overflow in SpreadSheet Lotus 123 Reader
CVE-2010-0131
Autonomy KeyView 10.4 and 10.9 - Stack-Based Buffer Overflow in SpreadSheet Lotus 123 Reader
CVE-2010-0126
Autonomy KeyView 10.4 and 10.9 - Heap-Based Buffer Overflow via Crafted Compound File
CVE-2010-3019
Opera < 10.61 - Remote Code Execution via HTML5 Canvas Painting Operations
CVE-2010-1799
Apple QuickTime - Stack-based Buffer Overflow via Crafted Movie File
CVE-2010-1797
iPhone OS - Remote Code Execution via Crafted CFF Opcodes in Embedded Fonts
CVE-2010-2994
Wireshark <1.2.10 - Buffer Overflow
CVE-2010-2990
Citrix Online Plug-in and ICA Client - Remote Code Execution via Crafted HTML or ICA File
CVE-2010-1902
Microsoft Word - Remote Code Execution via Crafted RTF Document
CVE-2010-1892
Microsoft Windows Vista SP1/SP2, Windows Server 2008, Windows 7 - Denial of Service via Malformed IPv6 Packets
CVE-2010-1882
Microsoft Windows XP SP2-SP3 and Server 2003 SP2 - Remote Code Execution via MPEG Layer-3 Audio Stream
CVE-2010-2980
Cisco Unified Wireless Network Solution 7.x < 7.0.98.0 - Denial of Service via Fragmented Traffic
CVE-2010-2979
Cisco Unified Wireless Network Solution 7.x < 7.0.98.0 - Denial of Service via ARP Storm
CVE-2010-2974
Wonderware Archestra <3.1 SP2 P01 - RCE
Details
Vulnerabilities 14,027
Exploit Likelihood High