CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,031 vulnerabilities with CWE-119
CVE-2006-2297
Microsoft Infotech Storage System Library - Heap-based Buffer Overflow via Crafted CHM/ITS File
CVE-2006-0034
Microsoft Distributed Transaction Coordinator - Buffer Overflow
CVE-2006-2180
Golden FTP Server Pro 2.70 - Buffer Overflow via NLST or APPE Command
CVE-2006-2085
SpeedProject SpeedCommander and Squeez - Buffer Overflow via ACE Archive Long Filename
CVE-2006-2108
Oc 3121/3122 Printer - Denial of Service via Long Request
CVE-2006-2026
libtiff < 3.8.1 - Double Free in tif_jpeg.c
CVE-2006-1513
abc2ps - Buffer Overflow via Crafted ABC Music Files
CVE-2006-1982
Mac OS X - Heap-Based Buffer Overflow via Crafted TIFF Images
CVE-2006-1983
Mac OS X - Heap-Based Buffer Overflow via TIFF or GIF Image Parsing
CVE-2006-1985
Safari - Heap-Based Buffer Overflow via Long Path Names in Archive
CVE-2006-1868
Oracle Database Server 10.1.0.4 - Authenticated Buffer Overflow via DBMS_SNAPSHOT_UTL VERIFY_LOG Procedure
CVE-2006-1902
GNU Compiler Collection 4.1 - Buffer Overflow via Pointer Overflow in fold_binary
CVE-2006-1739
Mozilla Firefox and Thunderbird 1.x - Remote Code Execution via CSS Border-Rendering
CVE-2006-1189
Microsoft Internet Explorer <6 - Buffer Overflow
CVE-2006-1060
xzgv < 0.8 - Heap-Based Buffer Overflow via JPEG Image with Excessive Output Components
CVE-2006-1652
UltraVNC and tabbed_viewer - Buffer Overflow via Long String on TCP Port 5900
CVE-2006-1550
Dia 0.87-0.95-pre6 - Buffer Overflow in xfig Import Code
CVE-2006-0459
Westes Flex < 2.5.33 - Buffer Overflow via REJECT Statements or Trailing Context Rules
CVE-2006-0323
RealNetworks RealPlayer RealOne Player Rhapsody and Helix Player - Buffer Overflow via Crafted SWF File
CVE-2006-1368
Linux kernel <2.6.16 - Buffer Overflow
CVE-2006-1337
MailEnable < 1.93/1.73/1.21 - Unauthenticated RCE via POP3 Buffer Overflow
CVE-2006-0031
Microsoft Excel <2003 - Buffer Overflow
CVE-2006-1148
PeerCast < 0.1217 - Remote Code Execution via Long HTTP GET Parameter
CVE-2006-1043
Microsoft Visual Studio and Visual InterDev - Stack-based Buffer Overflow via Long DataProject Field
CVE-2006-0966
NCP Secure Client 8.11 Build 146 - Denial of Service via Large Argument List to ncprwsnt.exe
Details
Vulnerabilities 14,031
Exploit Likelihood High