CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,028 vulnerabilities with CWE-119
CVE-2008-0623
Yahoo! Music Jukebox 2.2.2.056 - Stack-Based Buffer Overflow via AddImage Method
CVE-2008-0624
Yahoo! Music Jukebox 2.2.2.56 - Buffer Overflow via Datagrid ActiveX AddButton Method
CVE-2008-0625
Yahoo! Music Jukebox 2.2.2.56 - Buffer Overflow via MediaGrid ActiveX AddBitmap Method
CVE-2008-0629
MPlayer - Buffer Overflow via CDDB Album Title
CVE-2008-0630
MPlayer 1.0rc2 and SVN before r25823 - Buffer Overflow via URL Parsing
CVE-2008-0633
anon_proxy_server < 0.102 - Denial of Service via Username with Excessive Quotes
CVE-2008-0634
Sejoong Namo ActiveSquare6 - Buffer Overflow via NamoInstaller.NamoInstall.1 ActiveX Install Method
CVE-2008-0608
IPSwitch WS_FTP 6.1 - Denial of Service via Large UDP Packets to Port 5151
CVE-2008-0610
UltraVNC 1.0.2 and 1.0.4 - Stack-based Buffer Overflow in ClientConnection::NegotiateProtocolVersion
CVE-2008-0619
Nero MediaPlayer < 1.4.0.35 - Remote Code Execution via Long URI in M3U File
CVE-2008-0620
SAPLPD <= 6.28 - Denial of Service via 0x53 LPD Command
CVE-2008-0621
SAPLPD < 6.28 - Remote Code Execution via Long LPD Command Arguments
CVE-2008-0590
WS_FTP Server 6.1.0.0 - Authenticated Buffer Overflow via Long Opendir Command
CVE-2008-0586
IBM AIX 5.2-5.3 - Local Privilege Escalation via Buffer Overflow in LVM Utilities
CVE-2008-0587
IBM AIX 5.2-5.3 - Buffer Overflow in uspchrp Program
CVE-2008-0544
SDL_image - Heap-Based Buffer Overflow in IMG_lbm.c via Crafted IFF ILBM File
CVE-2008-0064
GFL SDK 2.870, NConvert < 4.85, XnView < 1.91 - Stack-based Buffer Overflow via Radiance RGBE File
CVE-2008-0509
IBM AIX 4.3 - Buffer Overflow in piox25 and piox25remote
CVE-2008-0492
Persits XUpload 3.0.0.4 - Stack-based Buffer Overflow via AddFile Method
CVE-2008-0493
IrfanView - Remote Code Execution via Crafted FlashPix File
CVE-2008-0477
Move Media Player - Stack-based Buffer Overflow via QMPUpgrade.Upgrade.1 ActiveX Control
CVE-2008-0176
GE Fanuc CIMPLICITY < 6.1_sp6_hf_010708_162517_6106 - Remote Code Execution via Heap-Based Buffer Overflow
CVE-2008-0467
Firebird < 2.0.4 and 2.1.x < 2.1.0 RC1 - Stack-Based Buffer Overflow via Long Username
CVE-2008-0443
Lycos FileUploader.dll 2.0.0.2 - Heap-Based Buffer Overflow via HandwriterFilename Property
CVE-2008-0437
HP Virtual Rooms - Buffer Overflow via ActiveX Control Property Manipulation
Details
Vulnerabilities 14,028
Exploit Likelihood High