CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

14,031 vulnerabilities with CWE-119
CVE-2002-2257
libcgi 1.0.2-1.0.3 - Stack-based Buffer Overflow in parse_field Function
CVE-2002-2258
Moby NetSuite - Denial of Service via Malformed Content-Length Header
CVE-2002-2259
gnuplot 3.7 - Buffer Overflow in French Documentation Patch
CVE-2002-2268
Webster HTTP Server - Remote Code Execution via Long URL
CVE-2002-2271
BigFun 1.51b - Buffer Overflow via DCC Long String
CVE-2002-2272
Apache Tomcat 4.0-4.1.12 with mod_jk 1.2.1 - Denial of Service via Invalid Chunked Transfer-Encoding
CVE-2002-2291
Calisto Internet Talker < 0.04 - Denial of Service via Long Request
CVE-2002-2294
Symantec Enterprise Firewall & Raptor Firewall DoS via Malformed RealAudio or Crafted Statsd Packets
CVE-2002-2295
pico_server 2.0 beta 1-5 - Buffer Overflow via Long TCP Stream or HTTP Request
CVE-2002-2300
3Com NBX 4.0.17 and 4.1.4 - Denial of Service via Long CEL Command
CVE-2002-2332
Opera Web Browser 6.01 - Denial of Service via IMG Tag Width and Height Attributes
CVE-2002-2333
KDE 2.1-3.0.2 - Denial of Service via IMG Tag Width and Height Attributes
CVE-2002-2357
MailEnable 1.5 015-1.5 018 - Denial of Service via Long USER String
CVE-2002-2366
Trillian 0.6351, 0.725 and 0.73 - Buffer Overflow in XML Parser via Long Colors File Name
CVE-2002-2367
NEC SOCKS5 1.0 r11 - Buffer Overflow via Long Hostname
CVE-2002-2368
NEC SOCKS5 < 1.0r11 - Remote Code Execution via Long Username
CVE-2002-2372
IBM Infoprint 21 - Denial of Service via Long Telnet Username
CVE-2002-2381
GTetrinet - Multiple Buffer Overflows in tetrinet_inmessage, speclist_add, and config-getthemeinfo
CVE-2002-2385
Hotfoon 4.0 - Buffer Overflow via Long Voice Phone Number URL
CVE-2002-2388
INweb POP3 mail server 2.01 - Denial of Service via Long HELO Command
CVE-2002-2390
Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 Pro - Buffer Overflow via Long IDENT Request
CVE-2002-2396
Advanced TFTP 0.5-0.6 - Local Buffer Overflow via Long -g Option Argument
CVE-2002-2400
LibHTTPD 1.2 - Buffer Overflow via Long HTTP POST Request
CVE-2002-2404
IISPop 1.161 and 1.181 - Denial of Service via Long POP3 Request
CVE-2002-2411
BannerWheel 1.0 - Remote Code Execution via Long rcmd Command
Details
Vulnerabilities 14,031
Exploit Likelihood High