CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,031 vulnerabilities with CWE-119
CVE-2007-0460
SUSE Linux < 10.1 - Buffer Overflow in ulogd
CVE-2007-0449
CA BrightStor ARCserve Backup r11.0-r11.1 SP1 - Remote Code Execution via Crafted Packets
CVE-2007-0355
Apple Minimal SLP Service Agent - Buffer Overflow via Invalid Attr-List Field
CVE-2007-0315
FileZilla < 2.2.30 - Remote Code Execution via Buffer Overflow in Options and Queue Control
CVE-2007-0243
Sun JDK and JRE < 1.5.0 - Buffer Overflow via GIF Image Block
CVE-2007-0270
Oracle Database 9.2.0.7 and 10.1.0.4 - Authenticated Buffer Overflow in SYS.DBMS_DRS GET_PROPERTY Function
CVE-2007-0272
Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.4 - Authenticated Buffer Overflow in MDSYS.MD
CVE-2007-0235
libgtop < 2.14.6 - Stack-Based Buffer Overflow via Long Process Filename
CVE-2007-0236
Apple Mac OS X 10.4.8 - Remote Code Execution via Crafted AppleTalk Request
CVE-2007-0169
BrightStor ARCserve Backup < 11.5 - Remote Code Execution via Crafted RPC Requests
CVE-2007-0197
Finder 10.4.6 on Mac OS X 10.4.8 - DoS and RCE via Long Volume Name in DMG
CVE-2007-0160
CenterICQ 4.9.11-4.21.0 - Stack-based Buffer Overflow in LiveJournal Hook
CVE-2007-0034
Microsoft Outlook 2000, 2002, and 2003 - Buffer Overflow via Crafted OSS File
CVE-2007-0126
Opera 9.02 - Remote Code Execution via JPEG DHT Marker
CVE-2007-0080
FreeRadius < 1.1.3 - Buffer Overflow in SMB_Connect_Server
CVE-2007-0016
MoviePlay 4.76 - Stack-Based Buffer Overflow via LST File Filename
CVE-2006-3635 MEDIUM
Linux Kernel < 2.6.25.20 - Denial of Service via IA64 RSE State Mishandling
CVSS 5.5
CVE-2006-5269
Trend Micro ServerProtect 5.58 and 5.7 - Remote Code Execution via Heap-Based Buffer Overflow
CVE-2006-7222
Media Player Classic 6.4.9.0 - Buffer Overflow via Crafted FLI File
CVE-2006-7221 HIGH
fsp/c_library < 0.7 - Denial of Service via Off-by-One Errors in fsplib.c
CVSS 7.5
CVE-2006-4183
Microsoft DirectX SDK - Heap-Based Buffer Overflow via Crafted Targa File
CVE-2006-7157
Google Earth 4.0.2091 - Denial of Service via Long href Element in KML/KMZ File
CVE-2006-3448
Microsoft Windows - Buffer Overflow
CVE-2006-5266
Microsoft Dynamics GP < 9.0 - Remote Code Execution via Crafted DPM or DPS Message
CVE-2006-6881
ATMEL Linux PCI PCMCIA USB Drivers <3.4.1.1 - Buffer Overflow
Details
Vulnerabilities 14,031
Exploit Likelihood High