CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,030 vulnerabilities with CWE-119
CVE-2007-5256
FSD 2.052 d9 and earlier - Remote Code Execution via Long HELP Command
CVE-2007-5257
EDraw Office Viewer Component < 5.3.220.1 - Stack-Based Buffer Overflow via FtpDownloadFile Method
CVE-2007-5241
HP OpenVMS < 8.3 - Denial of Service via MCR MCL SHOW CSMA-CD Port Command
CVE-2007-0447
Symantec Antivirus Scan Engine - Heap-Based Buffer Overflow via Crafted CAB Archives
CVE-2007-4568
X.Org X Font Server - Remote Code Execution via Crafted QueryXBitmaps and QueryXExtents Protocol Requests
CVE-2007-5217
Altnet Download Manager 4.0.0.6 - Stack-based Buffer Overflow via ADM4 ActiveX Install Method
CVE-2007-5209
CenterTools DriveLock 5.0 - Stack-based Buffer Overflow via Long HTTP Request
CVE-2007-5198
Nagios Plugins < 1.4.9 - Buffer Overflow via Location Header with Leading 'L' Characters
CVE-2007-5003
CA BrightStor ARCserve Backup r11.0-r11.5 - Stack-Based Buffer Overflow
CVE-2007-5082
BrightStor Hierarchical Storage Manager - Remote Code Execution via CsAgent Service Command
CVE-2007-5083
BrightStor Hierarchical Storage Manager - Remote Code Execution via CsAgent Service Commands
CVE-2007-5144
Windows Live Messenger - Buffer Overflow via Malformed File in Sharing Folders
CVE-2007-5145
Microsoft Windows XP - Buffer Overflow via Extended File Attributes
CVE-2007-5155
ICEOWS 4.20b - Remote Code Execution via Long Filename in ACE Archive Header
CVE-2007-5137
Tcl/Tk 8.4.13-8.4.15 - Buffer Overflow in ReadImage Function via Multi-Frame Interlaced GIF
CVE-2007-4880
IBM Tivoli Storage Manager Client 5.1-5.4 - Remote Code Execution via Crafted HTTP Headers
CVE-2007-5107
ask.com ask_toolbar < 4.0.2.53 - Stack-based Buffer Overflow via ShortFormat Property
CVE-2007-5094
Ipswitch IMail Server 8.01-8.11 - Remote Code Execution via Malformed Email Header
CVE-2007-5067
iMatix Xitami Web Server 2.5c2 - Remote Code Execution via Long If-Modified-Since Header
CVE-2007-5070
Quiksoft EasyMail MessagePrinter Object 6.0.1.0 - Heap-Based Buffer Overflow via SetFont Method
CVE-2007-5064
Xunlei Web Thunder 5.6.9.344 - Buffer Overflow via DownURL2 Method
CVE-2007-5036
AirDefense Airsensor M520 4.3.1.1 and 4.4.1.4 - Authenticated Denial of Service via Crafted HTTPS Query String
CVE-2007-5037
inotify-tools < 3.10 - Buffer Overflow via Long Filename
CVE-2007-5048
Lhaplus - Heap-based Buffer Overflow via Long Filename in ARJ Archive
CVE-2007-0061
VMware ACE < 1.0.3 - Remote Code Execution via Malformed DHCP Packet
Details
Vulnerabilities 14,030
Exploit Likelihood High