CWE-119
High likelihoodImproper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
14,031 vulnerabilities with CWE-119
CVE-2006-0813
WinACE 2.60 - Heap-Based Buffer Overflow via ARJ Archive Header Block
CVE-2006-0855
zoo < 2.10 - Stack-Based Buffer Overflow via Crafted ZOO File
CVE-2006-0807
NJStar Chinese and Japanese Word Processor < 5.10 - Stack-based Buffer Overflow via Font Name in NJX Document
CVE-2006-0730
Dovecot < 1.0beta3 - Denial of Service via APPEND Command and Authentication/IMAP/POP3 Login
CVE-2006-0734
Half-Life CSTRIKE Dedicated Server < 1.6_linux - Authenticated Denial of Service via Backslash in Connection String
CVE-2006-0710
Isode M-Vault Server 11.3 - Remote Code Execution via Crafted LDAP Request
CVE-2006-0006
Microsoft Windows Media Player <10 - Buffer Overflow
CVE-2006-0005
Windows Media Player 9-10 - Remote Code Execution via Long EMBED src Attribute
CVE-2006-0021
Windows XP SP1-SP2 and Server 2003 up to SP1 - Denial of Service via Invalid IGMP Packet
CVE-2006-0056
PAM-MySQL <0.6.2, <0.7pre3 - Use After Free
CVE-2006-0619
QNX Neutrino RTOS 6.3.0 - Local Buffer Overflow via Environment Variables
CVE-2006-0481
libpng 1.2.7 - Denial of Service via Alpha Channel Stripping
CVE-2006-0301
xpdf - Heap-Based Buffer Overflow in Splash.cc via Crafted Splash Images
CVE-2006-0359
CounterPath eyeBeam SIP Softphone - Denial of Service via Long SIP INVITE Header Field
CVE-2006-0179
Cisco IP Phone 7940 - Denial of Service via TCP SYN Flood
CVE-2006-0010
Microsoft Windows <SP2 - Buffer Overflow
CVE-2006-0097
PHP 4.3.10-4.4.2 - Stack-Based Buffer Overflow via mysql_connect Host Argument
CVE-2005-3590
CRITICAL
glibc < 2.3.5 - Buffer Overflow in getgrouplist Function
CVSS 9.8
CVE-2005-4882
Philippe Jounin Tftpd32 < 2.74 - Denial of Service via Long Filename in TFTP Read Request
CVE-2005-2340
Apple QuickTime < 7.0.4 - Remote Code Execution via Crafted Image File
CVE-2005-2341
BlackBerry Attachment Service < 4.0 - Denial of Service via Crafted TIFF File
CVE-2005-2344
BlackBerry Enterprise Server 4.0-4.0 SP2 - Denial of Service via Malformed PNG File
CVE-2005-2618
Autonomy KeyView SDK <9.2.0 - Buffer Overflow
CVE-2005-2922
RealNetworks <10.x - Buffer Overflow
CVE-2005-3627
Xpdf - Memory Corruption via DCTDecode Stream Handling
Details
Vulnerabilities
14,031
Exploit Likelihood
High