CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,028 vulnerabilities with CWE-119
CVE-2009-1284
BibTeX 0.99 - Denial of Service via Long .bib File
CVE-2009-1251
Unix - Memory Corruption
CVE-2009-0844
MIT Kerberos 5 1.5-1.6.3 - Denial of Service via SPNEGO get_input_token Buffer Over-Read
CVE-2009-1274
xine-lib - Remote Code Execution via Large STTS Atom Count in Quicktime Movie File
CVE-2009-1260
UltraISO < 9.3.3 - Stack-Based Buffer Overflow via Crafted CCD or IMG File
CVE-2009-1257
Magic ISO Maker 5.5 build 0274 - Heap-Based Buffer Overflow via Crafted CCD File
CVE-2009-0910
VMware ACE, Player, Server, and Workstation - Heap-Based Buffer Overflow in VNnc Codec
CVE-2009-0909
VMware ACE, Player, Server, and Workstation - Heap-Based Buffer Overflow in VNnc Codec
CVE-2009-1236
macOS X < 10.5.6 - Heap-Based Buffer Overflow via AppleTalk ZIP NOTIFY Packet
CVE-2009-1227
Check Point Firewall-1 PKI Web Service - Buffer Overflow via Long HTTP Header
CVE-2009-1209
W3C Amaya Web Browser 11.1 - Remote Code Execution via Long Defer Attribute in Script Tag
CVE-2009-1177
MapServer 4.x < 4.10.4 and 5.x < 5.2.2 - Stack-Based Buffer Overflow in maptemplate.c
CVE-2009-1176
MapServer 4.x < 4.10.4 and 5.x < 5.2.2 - Buffer Overflow via Long ID Parameter
CVE-2009-0840
MapServer <4.10.4, <5.2.2 - Buffer Overflow
CVE-2009-0839
MapServer <4.10.4-5.2.2 - Buffer Overflow
CVE-2009-0590
OpenSSL < 0.9.8k - Denial of Service via ASN1_STRING_print_ex Invalid Memory Access
CVE-2009-1071
Icarus 2.0 - Stack-based Buffer Overflow via Crafted PGN File
CVE-2009-1068
BS.Player <=2.34 Build 980 - Stack-based Buffer Overflow via Long Hostname in .bsl Playlist File
CVE-2009-1063
eXeScope 6.50 - Buffer Overflow via Crafted Executable File
CVE-2009-1041
FreeBSD 7.0-7.2 - Local Arbitrary Kernel Memory Overwrite via ktimer Out-of-Bounds Timer Value
CVE-2009-1098
Java SE JDK and JRE < 1.5.0, < 1.6.0, <= 1.4.2_19, <= 1.3.1_24 - Remote Code Execution via Crafted GIF Image
CVE-2009-1097
JDK and JRE < 1.6.0 - Remote Code Execution via Crafted PNG or GIF Image
CVE-2009-1096
Java SE JDK and JRE < 5.0 Update 17 and <= 6 Update 12 - Buffer Overflow via Pack200 JAR Headers
CVE-2009-0215
IBM Access Support ActiveX Control - Stack-Based Buffer Overflow
CVE-2009-0928
Adobe Acrobat < 9.0 - Remote Code Execution via JBIG2 Stream Size Inconsistency
Details
Vulnerabilities 14,028
Exploit Likelihood High