CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,027 vulnerabilities with CWE-119
CVE-2010-0507
Mac OS X < 10.6.3 - Remote Code Execution via Crafted PEF Image
CVE-2010-0506
Mac OS X 10.5.8 - Remote Code Execution via Crafted NEF Image
CVE-2010-0505
Mac OS X < 10.6.3 - Remote Code Execution via Crafted JP2 Image
CVE-2010-0504
Apple Mac OS X Server < 10.6.3 - Remote Code Execution via iChat Server Stack Overflow
CVE-2010-0065
Mac OS X < 10.6.3 - Remote Code Execution via Crafted Bzip2-Compressed Disk Image
CVE-2010-0062
Apple Mac OS X - Heap-Based Buffer Overflow in QuickTime via Malformed .3g2 Movie File
CVE-2010-0060
Apple Mac OS X - Remote Code Execution via Crafted QDMC Audio Content
CVE-2010-0059
Mac OS X - Remote Code Execution via Crafted QDM2 Audio Content
CVE-2010-0056
Mac OS X 10.5.8 - Remote Code Execution via Cocoa Spell Checking Buffer Overflow
CVE-2010-1185
SAP MaxDB <7.6.07 - Buffer Overflow
CVE-2010-0731
GnuTLS < 1.2.1 - Stack-Based Buffer Overflow via X.509 Certificate Serial Number Extraction
CVE-2010-1122
Firefox 3.5.x-3.5.8 - Memory Corruption via Compressed Data Handling
CVE-2010-1117
Internet Explorer 8 - Buffer Overflow
CVE-2010-0167
Firefox 3.0.x-3.0.17, 3.5.x-3.5.7, 3.6.x-3.6.1 - Remote Code Execution via Memory Corruption
CVE-2010-0166
Firefox 3.6 - Memory Corruption via Invisible Unicode Characters
CVE-2010-0165
Firefox < 3.6.2 - Memory Corruption via JavaScript eval Indirect Calls
CVE-2010-0619
Lexmark x94x - Stack-based Buffer Overflow via PJL INQUIRE Command
CVE-2010-0688
Orbital Viewer 1.04 - Buffer Overflow
CVE-2010-0421
Pango < 1.27.1 - Denial of Service via Crafted Font File
CVE-2010-0793
BarnOwl < 1.5.1 - Buffer Overflow via Crafted CC Header
CVE-2010-0624
GNU tar < 1.23 and GNU cpio < 2.11 - Heap-Based Buffer Overflow via rmt Client
CVE-2010-0961
IBM AIX 6.1- VIos 2.1 - Buffer Overflow
CVE-2010-0960
IBM AIX 6.1- VIos 2.1 - Buffer Overflow
CVE-2010-0265
Microsoft Windows Movie Maker 2.1, 2.6, 6.0 and Producer 2003 - Remote Code Execution via Crafted Project File
CVE-2010-0261
Microsoft Excel 2007 SP1-SP2 - Remote Code Execution via Crafted MDXSET Record
Details
Vulnerabilities 14,027
Exploit Likelihood High