CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,027 vulnerabilities with CWE-119
CVE-2009-0896
IBM WebSphere MQ 6.x-6.0.2.6 and 7.x-7.0.0.9 - Remote Code Execution via Crafted Request
CVE-2009-0957
Apple QuickTime - Remote Code Execution via Crafted JP2 Image
CVE-2009-0954
Apple QuickTime < 7.6.2 - Remote Code Execution via Crafted CRGN Atom
CVE-2009-0953
Apple QuickTime < 7.6.2 - Remote Code Execution via Crafted PICT Image
CVE-2009-0952
Apple QuickTime < 7.6.2 - Remote Code Execution via Crafted Compressed PSD Image
CVE-2009-0951
Apple QuickTime < 7.6.2 - Remote Code Execution via Crafted FLC File
CVE-2009-0950
Apple iTunes < 8.2 - Remote Code Execution via Long itms: URL Component
CVE-2009-0894
Xvid < 1.2.2 - Heap-based Buffer Overflow in decoder_create Function
CVE-2009-0893
Xvid < 1.2.2 - Remote Code Execution via Crafted Macroblock in Video Stream
CVE-2009-0185
Apple QuickTime <7.6.2 - Buffer Overflow
CVE-2009-1830
Soulseek 156 and 157 NS - Stack-Based Buffer Overflow via Long Search Query
CVE-2009-1817
DigiMode Maya 1.0.2 - Remote Code Execution via Malformed Playlist File
CVE-2009-1815
Sonic Spot Audioactive Player 1.93b - Stack-based Buffer Overflow via Playlist File
CVE-2009-1633
Linux Kernel < 2.6.29.4 - Buffer Overflow in CIFS Subsystem via Malformed Unicode String
CVE-2009-1800
Chinagames iGame 2009 - Stack-Based Buffer Overflow via CreateChinagames Method
CVE-2009-1791
libsndfile 1.0.15-1.0.19 - Heap-Based Buffer Overflow in AIFF Header Parsing
CVE-2009-1788
libsndfile 1.0.15-1.0.19 - Heap-Based Buffer Overflow in VOC Header Parsing
CVE-2009-1636
Novell GroupWise 7.x < 7.03 HP3 and 8.x < 8.0 HP2 - Remote Code Execution via SMTP Command or Email Address
CVE-2009-1476
Darren Reed IPFilter 4.1.31 - Local Privilege Escalation via Long Hostname Buffer Overflow
CVE-2009-1375
Pidgin < 2.5.6 - Denial of Service via XMPP or Sametime Protocol Buffer Handling
CVE-2009-1374
Pidgin < 2.5.6 - Buffer Overflow via QQ Packet
CVE-2009-1373
Pidgin < 2.5.6 - Authenticated Remote Code Execution via XMPP SOCKS5 Bytestream Overflow
CVE-2009-1759
Rahul Dtorrent - Memory Corruption
CVE-2009-1740
D-Link MPEG4 Viewer ActiveX Control - Heap-Based Buffer Overflow via SetFilePath or SetClientCookie Method
CVE-2009-1377
OpenSSL 0.9.8-0.9.8m - Denial of Service via DTLS Record Buffer Overflow
Details
Vulnerabilities 14,027
Exploit Likelihood High