CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,030 vulnerabilities with CWE-119
CVE-2007-5450
Safari on iPod touch and iPhone 1.1.1 - Denial of Service and Filesystem Exposure via TIFF File
CVE-2007-5436
G DATA Antivirus 2007 - Buffer Overflow via SelectPath Function in ScanObjectBrowser.DLL
CVE-2007-5325
CA BrightStor ARCServe Backup v9.01-R11.5 and Enterprise Backup r10.5 - Remote Code Execution via Buffer Overflow
CVE-2007-5326
CA BrightStor ARCServe Backup 9.01-R11.5 - Remote Code Execution via RPC Buffer Overflow
CVE-2007-5327
CA BrightStor ARCServe Backup 9.01-R11.5 & Enterprise Backup r10.5 - Remote Code Execution via RPC
CVE-2007-5330
CA BrightStor ARCServe Backup 9.01-R11.5 and Enterprise Backup r10.5 - Remote Code Execution via cadbd RPC Service
CVE-2007-5358
Asterisk < 1.4.13 - Buffer Overflow in Voicemail IMAP Storage
CVE-2007-5378
Tk Toolkit < 8.3.5 - Buffer Overflow in FileReadGIF Function
CVE-2007-5381
Cisco IOS - Stack-based Buffer Overflow via Long Hostname in LPD Error Message
CVE-2007-5169
Adobe PageMaker 7.0.1-7.0.2 - Stack-Based Buffer Overflow via Long Font Name in PMD File
CVE-2007-5365
Debian Linux - Memory Corruption
CVE-2007-4992
Firebird SQL 2.0.2 - Remote Code Execution via Long TCP Request
CVE-2007-5323
EMC RepliStor 6.1.3 - Remote Code Execution via Buffer Overflow in RepliStor Server Service
CVE-2007-3897
Microsoft Outlook Express and Windows Mail - Remote Code Execution via Long NNTP Response
CVE-2007-4466
Electronic Arts SnoopyCtrl - Stack-Based Buffer Overflow
CVE-2007-5300
wzdftpd 0.8.0 0.8.2 - Denial of Service via Long USER Command
CVE-2007-5301
AlsaPlayer < 0.99.80-rc2 - Buffer Overflow in Vorbis Input Plugin
CVE-2007-5279
PowerArchiver - Heap-Based Buffer Overflow via Long Filename in BlackHole Archive
CVE-2007-5263
Battlefront Dropteam < 1.3.3 - Remote Code Execution via Crafted Packet
CVE-2007-5243
InterBase 8.0.0.53-8.1.0.253 & WI 5.1.1.680-8.1.0.257 - Remote Code Execution via Stack Overflow
CVE-2007-5244
Borland InterBase 8.0.0.53-8.1.0.253 - Remote Code Execution via Long Attach Request
CVE-2007-5245
Firebird 1.5.3.4870 and 1.5.4.4910 - Remote Code Execution via SVC_attach or INET_connect
CVE-2007-5246
Firebird 2.0.0.12748 and 2.0.1.12855 - Remote Code Execution via Long Attach or Create Request
CVE-2007-5249
America's Army and America's Army Special Forces < 2.8.2 - Denial of Service via Long PB_Y or PB_U Packet
CVE-2007-5252
NetSupport Manager Client 10.00-10.20 and NetSupport School Student 9.00 - Buffer Overflow via Configuration Exchange
Details
Vulnerabilities 14,030
Exploit Likelihood High