CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,031 vulnerabilities with CWE-119
CVE-2006-4326
Justsystem Ichitaro 9.x-13.x and FormLiner - Stack-based Buffer Overflow via Long Unicode Strings
CVE-2006-4262
cscope < 15.5 - Buffer Overflow via Long Pathname or Command Line Argument
CVE-2006-3638
Microsoft Internet Explorer 5.01 and 6 - Remote Code Execution via Uninitialized COM Object Handling
CVE-2006-4018
ClamAV 0.81-0.88.3 - Remote Code Execution via UPX Packed File with Large rsize Values
CVE-2006-3985
PowerArchiver 9.62.03 - Stack-based Buffer Overflow via Long Filename in ZIP Archive
CVE-2006-3459
libtiff < 3.8.2 - Stack-Based Buffer Overflow via Large tdir_count in TIFFFetchShortPair
CVE-2006-3460
libtiff < 3.8.2 - Heap-Based Buffer Overflow via JPEG Stream
CVE-2006-3462
NeXT RLE decoder <3.8.2 - Buffer Overflow
CVE-2006-3463
libtiff < 3.8.2 - Denial of Service via Large td_nstrips Value
CVE-2006-3961
McAfee Security Center 6.0.23 - Buffer Overflow via mcsubmgr.dll Long String Parameters
CVE-2006-3946
Safari and Mac OS X 10.3.9-10.4.7 - Remote Code Execution via Crafted HTML in KHTMLParser
CVE-2006-3912
WinRAR - Stack-based Buffer Overflow in SFX Module
CVE-2006-3838
eIQnetworks Enterprise Security Analyzer < 2.4.0 - Remote Code Execution via Multiple Buffer Overflows
CVE-2006-3632
Ethereal 0.8.16-0.99.0 - Buffer Overflow in NFS Dissector
CVE-2006-3668
Dynamic Universal Music Bibliotheque < 0.9.3 - Heap-Based Buffer Overflow via IT File Envelope Nodes
CVE-2006-3600
libtunepimp 0.4.2 - Stack-Based Buffer Overflow via Long Album Release Date or Data Strings
CVE-2006-1302
Microsoft Excel <2004 - Buffer Overflow
CVE-2006-3581
Audacious AdPlug < 2.0 - Stack-Based Buffer Overflow via Large DTM or S3M Files
CVE-2006-3582
Audacious AdPlug < 2.0 - Remote Code Execution via CFF MTK DMO U6M File Package Header
CVE-2006-0007
Microsoft Office < - Buffer Overflow
CVE-2006-2372
Microsoft DHCP Client Service - Remote Code Execution via Crafted DHCP Response
CVE-2006-3401
Quake 3 Engine <1.32c - Buffer Overflow
CVE-2006-3353
Opera < 9.01 - Denial of Service via Crafted Web Page with Iframe and JavaScript
CVE-2006-3117
OpenOffice.org <2.0.3 - Buffer Overflow
CVE-2006-2200
Mimms - Memory Corruption
Details
Vulnerabilities 14,031
Exploit Likelihood High