CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,028 vulnerabilities with CWE-119
CVE-2009-1377
OpenSSL 0.9.8-0.9.8m - Denial of Service via DTLS Record Buffer Overflow
CVE-2009-1252
NTP < 4.2.4p7 and 4.2.5 < 4.2.5p74 - Remote Code Execution via Crafted Autokey Packet
CVE-2009-1675
ElectraSoft 32bit FTP 09.04.24 - Remote Code Execution via Long PASV Reply
CVE-2009-1674
Microchip MPLAB IDE 8.30 - Stack-Based Buffer Overflow via Long .cof Pathname in .mcp File
CVE-2009-1672
JRE 6 Update 13 - Remote Code Execution via Deployment Toolkit ActiveX Control
CVE-2009-1671
JRE 6 Update 13 - Remote Code Execution via Deployment Toolkit ActiveX Control Buffer Overflow
CVE-2009-1667
Mini-stream CastRipper 2.50.70 - Stack-based Buffer Overflow via Long Entry in .m3u File
CVE-2009-1660
ViPlay3 3.0 and earlier - Stack-based Buffer Overflow via Long File Entry in .vpl File
CVE-2009-1647
Ultrafunk Popcorn 1.87 - Heap-Based Buffer Overflow via Long POP3 Response
CVE-2009-1646
Mini-stream RM Downloader 3.0.0.9 - Stack-based Buffer Overflow via Long RTSP URL
CVE-2009-1645
Mini-stream Easy RM-MP3 Converter 3.0.0.7 - Remote Code Execution via Long RTSP URL or HREF Attribute
CVE-2009-1644
Sorinara Streaming Audio Player 0.9 - Stack-based Buffer Overflow via Crafted PLA File
CVE-2009-1643
Soritong MP3 Player 1.0 - Stack-Based Buffer Overflow via Crafted .m3u File
CVE-2009-1642
Mini-stream ASX to MP3 Converter 3.0.0.7 - Stack-based Buffer Overflow via Long rtsp URL or HREF Attribute
CVE-2009-1641
Mini-stream Ripper 3.0.1.1 - Remote Code Execution via Long RTSP URL or HREF Attribute
CVE-2009-1640
Nucleus Data Recovery Kernel Recovery for Macintosh 4.04 - Stack-based Buffer Overflow via Crafted .AMHH File
CVE-2009-1639
Nucleus Data Recovery Kernel Recovery for Novell 4.03 - Stack-based Buffer Overflow via Crafted .NKNT File
CVE-2009-0688
Cyrus SASL < 2.1.23 - Remote Code Execution via sasl_encode64 Buffer Overflow
CVE-2009-0158
Apple Mac OS X <10.5.7 - Buffer Overflow
CVE-2009-0157
Apple Mac OS X <10.5.7 - Buffer Overflow
CVE-2009-0154
Mac OS X 10.4.11 and 10.5 < 10.5.7 - Remote Code Execution via Crafted CFF Font
CVE-2009-0150
Apple Mac OS X 10.5 <10.5.7 - Buffer Overflow
CVE-2009-1137
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 - Remote Code Execution via Crafted Sound Data
CVE-2009-1131
Microsoft Office PowerPoint 2000 SP3 - Remote Code Execution via Malformed PowerPoint File
CVE-2009-1130
Microsoft Office PowerPoint - Remote Code Execution via Crafted Notes Container
Details
Vulnerabilities 14,028
Exploit Likelihood High