CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,028 vulnerabilities with CWE-119
CVE-2008-3126
Fujitsu Siemens Computers ServerView <4.60.07 - RCE
CVE-2008-3108
Sun Java Runtime Environment <5.0 - Buffer Overflow
CVE-2008-3111
Sun Java Web Start < Update 4 - Buffer Overflow
CVE-2008-0086
Microsoft SQL Server 2000 SP4 and MSDE 2000 SP4 - Authenticated Buffer Overflow via Crafted SQL Expression
CVE-2008-0106
Microsoft SQL Server 2005 SP1-SP2 and Express Edition SP1-SP2 - Remote Code Execution via Crafted Insert Statement
CVE-2008-2959
Microsoft Visual Basic Enterprise Edition 6.0 SP6 - Buffer Overflow via fCreateShellLink lpstrLinkPath Argument
CVE-2008-2908
Novell iPrint Client < 4.35 - Remote Code Execution via ActiveX Control Buffer Overflow
CVE-2008-2910
muvee autoProducer 6.0 and 6.1 - Buffer Overflow via DXTTextOutEffect ActiveX FontSetting Property
CVE-2008-2922
dana_irc_client < 1.3 - Stack-based Buffer Overflow via Long IRC Message
CVE-2008-2880
IBM AFP Viewer Plug-in 2.0.7.1 and 3.2.1.1 - Heap-based Buffer Overflow via Long SRC Property
CVE-2008-2851
Offsystem - Memory Corruption
CVE-2008-2427
GFL SDK 2.82 - Stack-based Buffer Overflow via Sun TAAC File Format Keyword
CVE-2008-2829
PHP < 4.4.9 - Denial of Service and Possible Remote Code Execution via Long IMAP Request
CVE-2008-1952
XenSource Xen Para Virtualized Frame Buffer - Denial of Service via Frame Buffer Size Manipulation
CVE-2008-2828
tmsnc - Stack-based Buffer Overflow via UBX Command Payload
CVE-2008-2786
Firefox 2.0.x and 3.0 - Buffer Overflow
CVE-2008-2745
Black Ice Software Annotation Plugin 10.95 - Stack-based Buffer Overflow via AnnoSaveToTiff Method
CVE-2008-2709
IBM OS/400 V5R4M0, V5R4M5, and V6R1M0 - Buffer Overflow in RCHMGR BrSmRcvAndCheck Function
CVE-2008-2639
Citect CitectSCADA 6-7 and CitectFacilities 7 - Remote Code Execution via ODBC Server Service
CVE-2008-2693
Black Ice Barcode SDK 5.01 - Stack-Based Buffer Overflow via BITiffCtrl SetByteOrder Method
CVE-2008-2703
Novell GroupWise Messenger < 2.0.3 HP1 - Remote Code Execution via Spoofed Server Response
CVE-2008-0011
Microsoft DirectX 8.1-9.0c - Remote Code Execution via Crafted MJPEG Stream
CVE-2008-0956
BackWeb < 8.1.1.86 and Logitech Desktop Manager < 2.55 - Remote Code Execution via Stack-Based Buffer Overflow
CVE-2008-1442
Microsoft Internet Explorer <7 - Buffer Overflow
CVE-2008-1444
Microsoft DirectX <8.1 - Buffer Overflow
Details
Vulnerabilities 14,028
Exploit Likelihood High