CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,031 vulnerabilities with CWE-119
CVE-2006-1469
Apple Mac OS X <10.4.7 - Buffer Overflow
CVE-2006-3251
hashcash < 1.20 - Heap-based Buffer Overflow via Crafted Entries
CVE-2006-3199
Opera 9 - Denial of Service via Long Hostname in A Tag href Attribute
CVE-2006-3146
Toshiba Bluetooth Stack <4.00.29 - DoS
CVE-2006-3086
Microsoft Hyperlink Object Library - Buffer Overflow
CVE-2006-3074
Kaspersky Internet Security/KAV <7.0 - Local Privilege Escalation
CVE-2006-0025
Microsoft Windows Media Player <10 - Buffer Overflow
CVE-2006-2379
Microsoft Windows 2000, Windows XP, and Windows Server 2003 - Remote Code Execution via IP Source Routing
CVE-2006-2382
Internet Explorer 5.01 SP4 and 6 SP1 and earlier - Remote Code Execution via UTF-8 HTML Decoding
CVE-2006-2923
Loudhush Multiple Products - Remote Code Execution via Crafted IAX2 Packets
CVE-2006-2898
Asterisk <1.0.11 & <1.2.9 - RCE/DoS
CVE-2006-2788
Firefox - Use-After-Free via getRawDER Function
CVE-2006-2781
SeaMonkey < 1.0.2 - Remote Code Execution via VCard Base64 Parsing
CVE-2006-2439
ZipCentral < 4.01 - Stack-based Buffer Overflow via Long Filename in ZIP Archive
CVE-2006-2656
libtiff < 3.8.2 - Stack-based Buffer Overflow via Long Filename
CVE-2006-1857
Linux Kernel < 2.6.16.17 - Buffer Overflow via Malformed SCTP HB-ACK Chunk
CVE-2006-2407
freeFTPd 1.0.10 - Stack-Based Buffer Overflow via Long Key Exchange Algorithm String
CVE-2006-2408
Raydium - Remote Code Execution via Large Packet in Log or Console Function
CVE-2006-2399
Outgun < 1.0.3_bot_2 - Stack-Based Buffer Overflow via Long Data File Request
CVE-2006-2238
Apple QuickTime < 7.1 - Remote Code Execution via Crafted BMP File
CVE-2006-1453
Apple QuickTime <7.1 - Buffer Overflow
CVE-2006-1454
Apple QuickTime <7.1 - Buffer Overflow
CVE-2006-1460
Apple QuickTime <7.1 - Buffer Overflow
CVE-2006-1461
Apple QuickTime <7.1 - Buffer Overflow
CVE-2006-1463
Apple QuickTime <7.1 - Buffer Overflow
Details
Vulnerabilities 14,031
Exploit Likelihood High