CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,027 vulnerabilities with CWE-119
CVE-2009-3853
IBM Tivoli Storage Manager 5.3-5.3.6.6, 5.4-5.4.2, 5.5-5.5.2.1, 6.1-6.1.0.1 - Remote Code Execution
CVE-2009-3463
Adobe Shockwave Player < 11.5.2.602 - Remote Code Execution via Crafted Shockwave Content
CVE-2009-0306
BlackBerry Desktop Software <5.0.1 - Buffer Overflow
CVE-2009-3031
Symantec Altiris Deployment Solution and Notification Server - Stack-based Buffer Overflow via BrowseAndSaveFile Method
CVE-2009-3838
Pegasus Mail 4.41 - Stack-based Buffer Overflow via Long POP3 Error Message
CVE-2009-3837
Eureka Email 2.2q - Remote Code Execution via Long POP3 Error Message
CVE-2009-3373
Firefox < 3.0.15 and 3.5.x < 3.5.4 - Remote Code Execution via GIF Image Parser
CVE-2009-3826
squidGuard 1.4 - Buffer Overflow via Long URL
CVE-2009-3700
squidGuard 1.3 and 1.4 - Denial of Service via Long URL with Many Slash Characters
CVE-2009-3812
OtsAV DJ, Radio, and TV 1.85.64.0 - Heap-Based Buffer Overflow via Long Playlist in OFL File
CVE-2009-3811
Music Tag Editor 1.61 build 212 - Stack-based Buffer Overflow via Long ID3 Tag in MP3 File
CVE-2009-3810
Acoustica MP3 Audio Mixer 2.471 - Heap-Based Buffer Overflow via Long String in M3U Playlist File
CVE-2009-3809
Acoustica MP3 Audio Mixer 1.0 and 2.471 - Denial of Service via Long String in SGP Playlist File
CVE-2009-3807
MixVibes 7.043 Pro - Stack-Based Buffer Overflow via .vib File
CVE-2009-3790
FormMax 3.5 - Heap-Based Buffer Overflow via Crafted FormMax Import File
CVE-2009-2281
MapServer 4.x-4.10.4 and 5.x < 5.4.2 - Remote Code Execution via Crafted Content-Length Header
CVE-2009-2997
Adobe Acrobat and Reader < 9.1.3 - Remote Code Execution via Heap-Based Buffer Overflow
CVE-2009-2994
Adobe Acrobat and Reader < 9.1.3 - Remote Code Execution
CVE-2009-2986
Adobe Acrobat and Reader < 9.1.3 - Remote Code Execution via Heap-Based Buffer Overflow
CVE-2009-3546
GD Graphics Library - Buffer Overflow via Crafted GD File
CVE-2009-2970
UiTV UiPlayer - Stack-based Buffer Overflow via GetUiDllVersion Filename Parameter
CVE-2009-3717
LucVil PatPlayer 3.9 - Heap-Based Buffer Overflow via Long URI in Playlist File
CVE-2009-3711
httpdx 1.4 - Stack-based Buffer Overflow via Long HTTP GET Request
CVE-2009-3709
Konae Alleycode HTML Editor 2.21 - Stack-Based Buffer Overflow via TITLE Tag
CVE-2009-3708
Alleycode HTML Editor 2.21 - Stack-Based Buffer Overflow via Long META Tag Value
Details
Vulnerabilities 14,027
Exploit Likelihood High