CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,030 vulnerabilities with CWE-119
CVE-2007-4222
IBM Lotus Notes <7.0.3 - Buffer Overflow
CVE-2007-3510
IBM Lotus Domino < 6.5.6 FP2 and 7.x < 7.0.3 - Authenticated Buffer Overflow via Long Mailbox Name
CVE-2007-5699
eIQNetworks Enterprise Security Analyzer 2.5 - Stack-Based Buffer Overflow via SEARCHREPORT Command
CVE-2007-5690
Asterisk Zaptel 1.4.5.1 - Local Buffer Overflow via Long Device Name
CVE-2007-5687
JustSystems Ichitaro 2004-2007, 11-13 - Buffer Overflow via Rich Text Processing
CVE-2007-2983
BT Consumer WebHelper < 2.0.0.7 - Remote Code Execution via Buffer Overflow in btwebcontrol.dll
CVE-2007-5675
MultiXTpm Application Server < 4.0.2c - Remote Code Execution via DebugPrint Long String Argument
CVE-2007-5652
IBM DB2 < 9.1 - Denial of Service via Authentication Information List Storage
CVE-2007-5634
SpeedFan 4.33 - Local Denial of Service via IOCTL 0x9c402420 Buffer Overflow
CVE-2007-5636
Nortel IP Softphone 2050 - Buffer Overflow via RTCP Port Flood
CVE-2007-5623
Nagios Plugins 1.4.10 - Denial of Service via SNMP Reply Buffer Overflow
CVE-2007-5601
RealPlayer - Stack-based Buffer Overflow in Database Component via Playlist Name
CVE-2007-5590
Miranda < 0.7.1 - Remote Code Execution via Buffer Overflow
CVE-2007-5587
Macrovision SafeDisc < 4.3.86.0 - Local Privilege Escalation via METHOD_NEITHER IOCTL Buffer Overflow
CVE-2007-5546
TIBCO SmartPGM FX - Stack-Based Buffer Overflow
CVE-2007-5548
Cisco IOS - Stack-based Buffer Overflow in Command EXEC
CVE-2007-5559
IBM ThinkVantage TPM - Heap-based Buffer Overflow via Crafted HTTP Packet
CVE-2007-5560
Juniper HTTP Service - Heap-based Buffer Overflow via Crafted HTTP Packet
CVE-2007-5538
Cisco Unified Communications Manager < 5.1(3) Buffer Overflow in TFTP File Locator Service
CVE-2007-5507
Oracle Database Server - Denial of Service and Memory Disclosure via GIOP Packet Buffer Over-Read
CVE-2007-4343
IrfanView 3.99 and 4.00 - Stack-based Buffer Overflow via Crafted Palette File
CVE-2007-5487
jetAudio Basic 7.0.3 - Stack-Based Buffer Overflow via Long URL in EXTM3U Section
CVE-2007-5466
eXtremail <= 2.1.1 - Remote Code Execution via IMAP Buffer Overflow
CVE-2007-5464
Live for Speed < 0.5x10 - Authenticated Stack-Based Buffer Overflow via Long Skin Name
CVE-2007-5445
DB Software Laboratory Vimpx - Memory Corruption
Details
Vulnerabilities 14,030
Exploit Likelihood High