CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,027 vulnerabilities with CWE-119
CVE-2009-1534
Microsoft Office Web Components - Remote Code Execution via Crafted Property Values
CVE-2009-1133
Microsoft Remote Desktop Connection - Remote Code Execution via Heap Overflow
CVE-2009-2414
libxml2/libxml DoS via Deep Element Declarations in DTD
CVE-2009-1885
Apache Xerces C++ 2.7.0-2.8.0 - DoS
CVE-2009-2727
IBM AIX 5.2.0, 5.3.0, 5.3.7-5.3.10, 6.1.0-6.1.3 - Stack-Based Buffer Overflow in _tt_internal_realpath
CVE-2009-2719
Java SE < 6 - Denial of Service via Crafted JNLP File
CVE-2009-2026
CA Software Delivery <r11.2 - Buffer Overflow
CVE-2009-2193
Apple Mac OS X <10.5.8 - Buffer Overflow
CVE-2009-2188
Apple Mac OS X <10.5.8 - Safari <4.0.3 - Buffer Overflow
CVE-2009-1728
Apple Mac OS X 10.4-10.5.7 - Stack-Based Buffer Overflow via Crafted Canon RAW Image
CVE-2009-1726
Apple Mac OS X 10.4.11 and 10.5 < 10.5.8 - Remote Code Execution via Crafted Image with Embedded ColorSync Profile
CVE-2009-2662
Mozilla Firefox <3.5.2 - Memory Corruption
CVE-2009-2404
Mozilla NSS <3.12.3 - Buffer Overflow
CVE-2009-1868
Adobe AIR < 1.5.2 - Heap-Based Buffer Overflow via URL Parsing
CVE-2009-1866
Adobe AIR < 1.5.2 - Stack-based Buffer Overflow
CVE-2009-1864
Adobe AIR < 1.5.2 - Heap-based Buffer Overflow
CVE-2009-2407
Linux kernel <2.6.30.4 - Buffer Overflow
CVE-2009-2406
Linux kernel <2.6.30.4 - Buffer Overflow
CVE-2009-1722
OpenEXR 1.2.2 - Heap-Based Buffer Overflow in Compression Implementation
CVE-2009-2650
Sorcerer Software MultiMedia Jukebox 4.0 - Buffer Overflow
CVE-2009-2621
Squid 3.0-3.0.STABLE16,3.1-3.1.0.11 - DoS
CVE-2009-2617
BaoFeng Storm <3.9.62 - Buffer Overflow
CVE-2009-2582
Akamai Download Manager <2.2.4.8 - Buffer Overflow
CVE-2009-2578
Google Chrome 2.x-2.0.172 - Denial of Service via Long Unicode String to write Method
CVE-2009-2570
Symantec WinFax Pro 10.03 - Buffer Overflow
Details
Vulnerabilities 14,027
Exploit Likelihood High