CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,028 vulnerabilities with CWE-119
CVE-2008-0225
xine-lib < 1.1.9 - Remote Code Execution via RTSP SDP Abstract Attribute
CVE-2008-0226
Oracle Mysql < 1.7.5 - Memory Corruption
CVE-2008-0227
yaSSL < 1.7.5 - Denial of Service via Large Hello Packet Size Value
CVE-2008-0127
McAfee E-Business Server <= 8.5.2 - Remote Code Execution via Long Authentication Packet
CVE-2008-0151
Foxit WAC Server 2.1.0.910 and earlier - Heap-Based Buffer Overflow via Telnet Request
CVE-2008-0152
SLNet RF Telnet Server < 4.1.1.3758 - Denial of Service via Telnet Options
CVE-2008-0003
OpenPegasus CIM management server - Buffer Overflow
CVE-2008-0096
Georgia SoftWorks SSH2 Server < 7.01.0003 - Remote Code Execution via Long Username or Password
CVE-2008-0098
RealPlayer 11 build 6.0.14.748 - Buffer Overflow
CVE-2008-0100
white_dune < 0.29beta791 - Remote Code Execution via Long String in .WRL File
CVE-2008-0090
DivX Player 6.6.0 - Denial of Service via npUpload.dll SetPassword Method
CVE-2007-6762 CRITICAL
Linux kernel <2.6.20 - Buffer Overflow
CVSS 9.8
CVE-2007-5341 CRITICAL
Firefox < 2.0.0.7 - Remote Code Execution in Venkman Script Debugger
CVSS 9.8
CVE-2007-5199 CRITICAL
libxfont 1.3.1 - Single Byte Overflow in catalogue.c
CVSS 9.8
CVE-2007-6761 HIGH
Linux kernel <2.6.24 - Info Disclosure
CVSS 7.8
CVE-2007-2280
HP OpenView Storage Data Protector 5.50 and 6.0 - Remote Code Execution via MSG_PROTOCOL Command
CVE-2007-5475
Marvell 88W8361P-BEM1 Chipset - Buffer Overflow via 802.11 Association Request
CVE-2007-6732
Extended Module Player <2.5.1 - Buffer Overflow
CVE-2007-2238
Microsoft Intelligent Application Gateway 2007 - Remote Code Execution via Whale Client Components ActiveX Control
CVE-2007-6725
Ghostscript <8.62 - DoS/Buffer Overflow
CVE-2007-4475
SAP AG SAPgui <7.10 PL9 - Buffer Overflow
CVE-2007-5543
Miranda IM 0.6.8 and 0.7.0 - Remote Code Execution via Crafted Yahoo! Messenger Packet
CVE-2007-5542
Miranda IM 0.6.8 - Remote Code Execution via Crafted Yahoo! Messenger Packet
CVE-2007-2795
Ipswitch IMail <2006.21 - Buffer Overflow
CVE-2007-0074
Trend Micro ServerProtect 5.58 and 5.7 - Remote Code Execution via Heap-Based Buffer Overflow
Details
Vulnerabilities 14,028
Exploit Likelihood High