CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,028 vulnerabilities with CWE-119
CVE-2009-0921
HP Network Node Manager 7.01, 7.51, 7.53 - Remote Code Execution via Long OvAcceptLang Cookie or Accept-Language Header
CVE-2009-0920
HP Network Node Manager 7.01, 7.51, 7.53 - Stack-Based Buffer Overflow via OvOSLocale Cookie
CVE-2009-0193
Adobe Acrobat Reader <9.1-8.1.4-7.1.1 - Buffer Overflow
CVE-2009-1059
PowerZip 7.2 - Stack-based Buffer Overflow via Crafted ZIP File
CVE-2009-1058
ZipGenius - Stack-Based Buffer Overflow via Crafted ZIP File
CVE-2009-1057
MicroSmarts ZipItFast! 3.0 - Remote Code Execution via Crafted ZIP File
CVE-2009-0583
Ghostscript < 8.64 and Argyll CMS < 1.0.3 - Heap-Based Buffer Overflow via Crafted ICC Profile
CVE-2009-1040
WinAsm Studio 5.1.5.0 - Buffer Overflow via Crafted Project File
CVE-2009-1039
CDex 1.70b2 - Remote Code Execution via Crafted Ogg Vorbis Info Header
CVE-2009-1029
POP Peeper < 3.4.0.0 - Remote Code Execution via Long Date Header
CVE-2009-1028
ediSys eZip Wizard 3.0 - Stack-Based Buffer Overflow via Crafted ZIP File
CVE-2009-1022
gomlab gom_encoder < 1.0.0.11 - Heap-Based Buffer Overflow via Long Text Field in Subtitle File
CVE-2009-0824
Elaborate Bytes ElbyCDIO.sys <=6.0.2.0 - DoS
CVE-2009-0885
Media Commands 1.0 - Remote Code Execution via Long String in Playlist File
CVE-2009-0869
IBM Tivoli Storage Manager HSM 5.3.2.0-5.3.5.0 5.4.0.0-5.4.2.5 5.5.0.0-5.5.1.4 - Buffer Overflow
CVE-2009-0837
Foxit Reader <3.0 Build 1506 - Buffer Overflow
CVE-2009-0836
Foxit Reader 2.3-3.0 - Remote Code Execution via Crafted PDF File
CVE-2009-0849
NovaStor NovaNET 12 - Stack-Based Buffer Overflow via Long Username Field
CVE-2009-0833
Winamp 5.541 - gen_msn.dll Buffer Overflow
CVE-2009-0812
BreakPoint Software Hex Workshop <6 - Buffer Overflow
CVE-2009-0779
IBM AIX 5.3 and 6.1 - Buffer Overflow in pppdial via Long Input String
CVE-2009-0757
GNU MPFR 2.4.0 - Denial of Service via Buffer Overflow in mpfr_snprintf and mpfr_vsnprintf
CVE-2009-0520
Adobe Flash Player <9.0.159.0 & <10.0.22.87 - RCE
CVE-2009-0187
Orbit Downloader <2.8.5 - Buffer Overflow
CVE-2009-0734
Nokia PC Suite <6.86.9.3 - Buffer Overflow
Details
Vulnerabilities 14,028
Exploit Likelihood High