CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (10,979)
page 257 of 549| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-3563 | 0.07 | — | 0.48 | Jul 4, 2013 | Stack-based buffer overflow in db_netserver in Lianja SQL Server before 1.0.0RC5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string to TCP port 8001. | |||
| CVE-2013-1884 | 0.07 | — | 0.51 | May 2, 2013 | The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (segmentation fault and crash) via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable. | |||
| CVE-2012-6275 | 0.07 | — | 0.47 | Feb 24, 2013 | Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have an unspecified impact via (1) the filename header in an SCH request or (2) the userid component in a DUPF request. | |||
| CVE-2012-6530 | 0.07 | — | 0.46 | Jan 31, 2013 | Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted request. | |||
| CVE-2012-5691 | 0.07 | — | 0.53 | Dec 19, 2012 | Buffer overflow in RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted RealMedia file. | |||
| CVE-2011-5171 | 0.07 | — | 0.46 | Sep 15, 2012 | Multiple stack-based buffer overflows in CyberLink Power2Go 7 (build 196) and 8 (build 1031) allow remote attackers to execute arbitrary code via the (1) src and (2) name parameters in a p2g project file. | |||
| CVE-2011-5124 | 0.07 | — | 0.55 | Aug 26, 2012 | Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG 4.2.3 through 6.1 and ProxyOne, allows remote attackers to execute arbitrary code via a large packet to the synchronization port (16102/tcp). | |||
| CVE-2012-3815 | 0.07 | — | 0.44 | Jun 27, 2012 | Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information. | |||
| CVE-2012-0202 | 0.07 | — | 0.55 | May 4, 2012 | Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x and 9.5.x before 9.5.2 FP2 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted data. | |||
| CVE-2012-2110 | 0.07 | — | 0.48 | Apr 19, 2012 | The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory… | |||
| CVE-2012-1775 | 0.07 | — | 0.45 | Mar 19, 2012 | Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream. | |||
| CVE-2012-0897 | 0.07 | — | 0.53 | Jan 20, 2012 | Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment. | |||
| CVE-2011-3494 | 0.07 | — | 0.56 | Sep 16, 2011 | WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long StyleTemplate element in a QUO, SUM or POR file, which triggers a stack-based buffer overflow, or (2) a long Font->FaceName… | |||
| CVE-2011-3486 | 0.07 | — | 0.51 | Sep 16, 2011 | Beckhoff TwinCAT 2.11.0.2004 and earlier allows remote attackers to cause a denial of service via a crafted request to UDP port 48899, which triggers an out-of-bounds read. | |||
| CVE-2011-0104 | 0.07 | — | 0.53 | Apr 13, 2011 | Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HLink record in an Excel file, aka "Excel Buffer… | |||
| CVE-2011-0522 | 0.07 | — | 0.52 | Feb 7, 2011 | The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "<"… | |||
| CVE-2011-0514 | 0.07 | — | 0.49 | Jan 20, 2011 | The RDS service (rds.exe) in HP Data Protector Manager 6.11 allows remote attackers to cause a denial of service (crash) via a packet with a large data size to TCP port 1530. | |||
| CVE-2010-4701 | 0.07 | — | 0.48 | Jan 20, 2011 | Heap-based buffer overflow in the CDrawPoly::Serialize function in fxscover.exe in Microsoft Windows Fax Services Cover Page Editor 5.2 r2 in Windows XP Professional SP3, Server 2003 R2 Enterprise Edition SP2, and Windows 7 Professional allows remote attackers to execute… | |||
| CVE-2010-2590 | 0.07 | — | 0.47 | Dec 22, 2010 | Heap-based buffer overflow in the CrystalReports12.CrystalPrintControl.1 ActiveX control in PrintControl.dll 12.3.2.753 in SAP Crystal Reports 2008 SP3 Fix Pack 3.2 allows remote attackers to execute arbitrary code via a long ServerResourceVersion property value. | |||
| CVE-2010-2309 | 0.07 | — | 0.51 | Jun 16, 2010 | Buffer overflow in the web server for EvoLogical EvoCam 3.6.6 and 3.6.7 allows remote attackers to execute arbitrary code via a long GET request. |
- CVE-2013-3563Jul 4, 2013risk 0.07cvss —epss 0.48
Stack-based buffer overflow in db_netserver in Lianja SQL Server before 1.0.0RC5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string to TCP port 8001.
- CVE-2013-1884May 2, 2013risk 0.07cvss —epss 0.51
The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (segmentation fault and crash) via a log REPORT request with an invalid limit, which triggers an access of an uninitialized variable.
- CVE-2012-6275Feb 24, 2013risk 0.07cvss —epss 0.47
Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have an unspecified impact via (1) the filename header in an SCH request or (2) the userid component in a DUPF request.
- CVE-2012-6530Jan 31, 2013risk 0.07cvss —epss 0.46
Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted request.
- CVE-2012-5691Dec 19, 2012risk 0.07cvss —epss 0.53
Buffer overflow in RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted RealMedia file.
- CVE-2011-5171Sep 15, 2012risk 0.07cvss —epss 0.46
Multiple stack-based buffer overflows in CyberLink Power2Go 7 (build 196) and 8 (build 1031) allow remote attackers to execute arbitrary code via the (1) src and (2) name parameters in a p2g project file.
- CVE-2011-5124Aug 26, 2012risk 0.07cvss —epss 0.55
Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG 4.2.3 through 6.1 and ProxyOne, allows remote attackers to execute arbitrary code via a large packet to the synchronization port (16102/tcp).
- CVE-2012-3815Jun 27, 2012risk 0.07cvss —epss 0.44
Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information.
- CVE-2012-0202May 4, 2012risk 0.07cvss —epss 0.55
Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x and 9.5.x before 9.5.2 FP2 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted data.
- CVE-2012-2110Apr 19, 2012risk 0.07cvss —epss 0.48
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory…
- CVE-2012-1775Mar 19, 2012risk 0.07cvss —epss 0.45
Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream.
- CVE-2012-0897Jan 20, 2012risk 0.07cvss —epss 0.53
Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.
- CVE-2011-3494Sep 16, 2011risk 0.07cvss —epss 0.56
WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long StyleTemplate element in a QUO, SUM or POR file, which triggers a stack-based buffer overflow, or (2) a long Font->FaceName…
- CVE-2011-3486Sep 16, 2011risk 0.07cvss —epss 0.51
Beckhoff TwinCAT 2.11.0.2004 and earlier allows remote attackers to cause a denial of service via a crafted request to UDP port 48899, which triggers an out-of-bounds read.
- CVE-2011-0104Apr 13, 2011risk 0.07cvss —epss 0.53
Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HLink record in an Excel file, aka "Excel Buffer…
- CVE-2011-0522Feb 7, 2011risk 0.07cvss —epss 0.52
The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "<"…
- CVE-2011-0514Jan 20, 2011risk 0.07cvss —epss 0.49
The RDS service (rds.exe) in HP Data Protector Manager 6.11 allows remote attackers to cause a denial of service (crash) via a packet with a large data size to TCP port 1530.
- CVE-2010-4701Jan 20, 2011risk 0.07cvss —epss 0.48
Heap-based buffer overflow in the CDrawPoly::Serialize function in fxscover.exe in Microsoft Windows Fax Services Cover Page Editor 5.2 r2 in Windows XP Professional SP3, Server 2003 R2 Enterprise Edition SP2, and Windows 7 Professional allows remote attackers to execute…
- CVE-2010-2590Dec 22, 2010risk 0.07cvss —epss 0.47
Heap-based buffer overflow in the CrystalReports12.CrystalPrintControl.1 ActiveX control in PrintControl.dll 12.3.2.753 in SAP Crystal Reports 2008 SP3 Fix Pack 3.2 allows remote attackers to execute arbitrary code via a long ServerResourceVersion property value.
- CVE-2010-2309Jun 16, 2010risk 0.07cvss —epss 0.51
Buffer overflow in the web server for EvoLogical EvoCam 3.6.6 and 3.6.7 allows remote attackers to execute arbitrary code via a long GET request.