CWE-122

High likelihood

Heap-based Buffer Overflow

Parent: CWE-788 - Access of Memory Location After End of Buffer

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

2,335 vulnerabilities with CWE-122
CVE-2014-9187 CRITICAL
Honeywell Experion PKS <R400 - Buffer Overflow
CVSS 9.8
CVE-2014-9495 HIGH
libpng <1.5.21, <1.6.16 - Buffer Overflow
CVSS 8.8
CVE-2014-0789
Schneider Electric OPC Factory Server < 3.5 - Denial of Service via Long Arguments
CVE-2014-0781
Yokogawa CENTUM CS 3000 < R3.09.50 - Remote Code Execution via Crafted UDP Packets
CVE-2013-7354 MEDIUM
libpng < 1.5.13 - Heap-based Buffer Overflow via Crafted Image
CVSS 6.5
CVE-2013-7353 MEDIUM
libpng < 1.5.14beta08 - Heap-based Buffer Overflow via Crafted Image
CVSS 6.5
CVE-2013-3245 MEDIUM
VideoLAN VLC Media Player <2.0.7 - DoS
CVSS 6.3
CVE-2009-3459 HIGH KEV
Adobe Acrobat < 9.1.3 - Remote Code Execution via Crafted PDF File
CVSS 8.8
CVE-2006-10003 CRITICAL
Perl XML::Parser <=2.47 st_serial_stack - Off-by-One Heap Buffer Overflow
CVSS 9.8
CVE-2006-10002 HIGH
XML::Parser versions through 2.47 for Perl could overflow the pre-allocated buffer size, causing heap corruption (double free or corruption) and crashes
CVSS 7.5
Details
Vulnerabilities 2,335
Exploit Likelihood High