CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,031 vulnerabilities with CWE-119
CVE-2005-4048
FFmpeg libavcodec < 0.4.9-pre1 - Heap-Based Buffer Overflow via Small PNG Images with Palettes
CVE-2005-3191
xpdf - Heap-Based Buffer Overflow in DCT Stream Parsing
CVE-2005-3193
xpdf - Heap-Based Buffer Overflow in JPXStream::readCodestream
CVE-2005-3863
ktools < 0.3 - Buffer Overflow via VGETSTRING Macro
CVE-2005-3831
SpeedProject SpeedCommander, Squeez, ZipStar - Stack-based Buffer Overflow via Long Filename in ZIP Archive
CVE-2005-3832
SpeedCommander and Squeez - Stack-based Buffer Overflow via Long Filename in ZIP Archive
CVE-2005-3760
IBM WebSphere Application Server for z/OS 5.0 - Denial of Service via BBOORB Module Double Free
CVE-2005-3354
Sylpheed - Stack-based Buffer Overflow via LDIF File Import
CVE-2005-3314
Novell Netmail 3.5.2 - Remote Code Execution via IMAP Daemon Long Verb Arguments
CVE-2005-3662
pnmtopng - Buffer Overflow via -alpha Option with 256-Color PNM File
CVE-2005-3640
Floosietek FTGate 4.1 - Remote Code Execution via Long IMAP Command Arguments
CVE-2005-3483
GO-Global for Windows <= 3.1.0.3270 - Remote Code Execution via Oversized Data Block
CVE-2005-3485
Glider Collect'n kill 1.0.0.0 - Remote Code Execution via Long Player Name in gl_playerEnter Command
CVE-2005-2930
chm_lib - Stack-based Buffer Overflow in _chm_find_in_PMGL Function
CVE-2005-3265
Skype 1.1.x.0-1.4.x.83 - Remote Code Execution via Malicious URI or VCARD
CVE-2005-3317
ZipGenius < 6.0.2.1050 - Remote Code Execution via Long Filename in ZIP, UUE, XXE, MIM, or ACE Archive
CVE-2005-2972
AbiWord < 2.2.10 - Stack-Based Buffer Overflow in RTF Import Feature
CVE-2005-3269
Sun Java System Directory Server 5.2 2003Q4-2005Q1 - Stack-based Buffer Overflow in help.cgi
CVE-2005-3185
curl 7.13.2 and libcurl 7.13.2 - Stack-based Buffer Overflow via NTLM Authentication
CVE-2005-3065
MultiTheftAuto < 0.5_patch_1 - Denial of Service via Crafted Command 40
CVE-2005-3051
ARJ plugin (arj.dll) 3.9.2.0 - Buffer Overflow
CVE-2005-2856
WinACE UNACEV2.DLL <2.6.0.0 - Buffer Overflow
CVE-2005-2127
Microsoft Internet Explorer 5.01-6 - Remote Code Execution via Unsafe COM Object Instantiation
CVE-2005-2335
fetchmail < 6.2.5.2 - Buffer Overflow via Long UIDL Response
CVE-2005-2310
Winamp < 5.093 - Buffer Overflow via Long ID3v2 Tag
Details
Vulnerabilities 14,031
Exploit Likelihood High