CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (10,979)
page 306 of 549| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-4668 | 0.03 | — | 0.06 | Mar 5, 2010 | Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long ID3 tag in an MP3 file. NOTE: some of these details are obtained from third party information. | |||
| CVE-2009-4661 | 0.03 | — | 0.02 | Mar 3, 2010 | Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item. | |||
| CVE-2010-0250 | 0.03 | — | 0.32 | Feb 10, 2010 | Heap-based buffer overflow in DirectShow in Microsoft DirectX, as used in the AVI Filter on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2, and in Quartz on Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and… | |||
| CVE-2010-0553 | 0.03 | — | 0.03 | Feb 4, 2010 | Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a long NMEA data sentence. | |||
| CVE-2009-4553 | 0.03 | — | 0.02 | Jan 4, 2010 | Stack-based buffer overflow in iRehearse allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in a .m3u playlist file. | |||
| CVE-2009-4549 | 0.03 | — | 0.04 | Jan 4, 2010 | Stack-based buffer overflow in A2 Media Player Pro 2.51 allows remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .m3l playlist file. | |||
| CVE-2009-4171 | 0.03 | — | 0.05 | Dec 2, 2009 | An ActiveX control in YahooBridgeLib.dll for Yahoo! Messenger 9.0.0.2162, and possibly other 9.0 versions, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by calling the RegisterMe method with a long argument. | |||
| CVE-2009-4108 | 0.03 | — | 0.02 | Nov 29, 2009 | XM Easy Personal FTP Server 5.8.0 allows remote authenticated users to cause a denial of service (crash) by uploading or creating a large number of files or directories, then performing a LIST command. | |||
| CVE-2009-4107 | 0.03 | — | 0.05 | Nov 29, 2009 | Buffer overflow in Invisible Browsing 5.0.52 allows user-assisted remote attackers to execute arbitrary code via a crafted .ibkey file containing a long string. | |||
| CVE-2009-4097 | 0.03 | — | 0.06 | Nov 29, 2009 | Stack-based buffer overflow in the MplayInputFile function in Serenity Audio Player 3.2.3 and earlier allows remote attackers to execute arbitrary code via a long URL in an M3U file. NOTE: some of these details are obtained from third party information. | |||
| CVE-2009-4049 | 0.03 | — | 0.01 | Nov 23, 2009 | Heap-based buffer overflow in aswRdr.sys (aka the TDI RDR driver) in avast! Home and Professional 4.8.1356.0 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted arguments to IOCTL 0x80002024. | |||
| CVE-2009-3969 | 0.03 | — | 0.06 | Nov 18, 2009 | Stack-based buffer overflow in Faslo Player 7.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .m3u playlist file. | |||
| CVE-2009-3947 | 0.03 | — | 0.05 | Nov 16, 2009 | Buffer overflow in the FTP service on the Tandberg MXP F7.0 allows remote attackers to cause a denial of service (process crash or device reboot) or possibly execute arbitrary code via a long USER command, as demonstrated by a command ending with many space characters. | |||
| CVE-2009-3135 | 0.03 | — | 0.36 | Nov 11, 2009 | Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, Office Word Viewer 2003 SP3, and Office Word Viewer allow remote attackers to execute arbitrary code via a Word document with a… | |||
| CVE-2009-3863 | 0.03 | — | 0.05 | Nov 4, 2009 | Buffer overflow in the gxmim1.dll ActiveX control in Novell Groupwise Client 7.0.3.1294 allows remote attackers to cause a denial of service (application crash) via a long argument to the SetFontFace method. | |||
| CVE-2009-3861 | 0.03 | — | 0.04 | Nov 4, 2009 | Stack-based buffer overflow in SafeNet SoftRemote 10.8.5 (Build 2) and 10.3.5 (Build 6), and possibly other versions before 10.8.9, allows local users to execute arbitrary code via a long string in a (1) TREENAME or (2) GROUPNAME Policy file (spd). | |||
| CVE-2009-3857 | 0.03 | — | 0.02 | Nov 4, 2009 | Buffer overflow in Softonic International SciTE 1.72 allows user-assisted remote attackers to cause a denial of service (application crash) via a Ruby (.rb) file containing a long string, which triggers the crash when a scroll bar is used. | |||
| CVE-2009-3838 | 0.03 | — | 0.06 | Nov 2, 2009 | Stack-based buffer overflow in Pegasus Mail (PMail) 4.41 and possibly 4.51 allows remote POP3 servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long error message. | |||
| CVE-2009-3811 | 0.03 | — | 0.06 | Oct 27, 2009 | Stack-based buffer overflow in Music Tag Editor 1.61 build 212 allows remote attackers to execute arbitrary code via an MP3 file with a long ID3 tag. NOTE: some of these details are obtained from third party information. | |||
| CVE-2009-3810 | 0.03 | — | 0.06 | Oct 27, 2009 | Heap-based buffer overflow in Acoustica MP3 Audio Mixer 2.471 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in a .M3U playlist file. |
- CVE-2009-4668Mar 5, 2010risk 0.03cvss —epss 0.06
Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long ID3 tag in an MP3 file. NOTE: some of these details are obtained from third party information.
- CVE-2009-4661Mar 3, 2010risk 0.03cvss —epss 0.02
Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item.
- CVE-2010-0250Feb 10, 2010risk 0.03cvss —epss 0.32
Heap-based buffer overflow in DirectShow in Microsoft DirectX, as used in the AVI Filter on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2, and in Quartz on Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and…
- CVE-2010-0553Feb 4, 2010risk 0.03cvss —epss 0.03
Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a long NMEA data sentence.
- CVE-2009-4553Jan 4, 2010risk 0.03cvss —epss 0.02
Stack-based buffer overflow in iRehearse allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in a .m3u playlist file.
- CVE-2009-4549Jan 4, 2010risk 0.03cvss —epss 0.04
Stack-based buffer overflow in A2 Media Player Pro 2.51 allows remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .m3l playlist file.
- CVE-2009-4171Dec 2, 2009risk 0.03cvss —epss 0.05
An ActiveX control in YahooBridgeLib.dll for Yahoo! Messenger 9.0.0.2162, and possibly other 9.0 versions, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by calling the RegisterMe method with a long argument.
- CVE-2009-4108Nov 29, 2009risk 0.03cvss —epss 0.02
XM Easy Personal FTP Server 5.8.0 allows remote authenticated users to cause a denial of service (crash) by uploading or creating a large number of files or directories, then performing a LIST command.
- CVE-2009-4107Nov 29, 2009risk 0.03cvss —epss 0.05
Buffer overflow in Invisible Browsing 5.0.52 allows user-assisted remote attackers to execute arbitrary code via a crafted .ibkey file containing a long string.
- CVE-2009-4097Nov 29, 2009risk 0.03cvss —epss 0.06
Stack-based buffer overflow in the MplayInputFile function in Serenity Audio Player 3.2.3 and earlier allows remote attackers to execute arbitrary code via a long URL in an M3U file. NOTE: some of these details are obtained from third party information.
- CVE-2009-4049Nov 23, 2009risk 0.03cvss —epss 0.01
Heap-based buffer overflow in aswRdr.sys (aka the TDI RDR driver) in avast! Home and Professional 4.8.1356.0 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted arguments to IOCTL 0x80002024.
- CVE-2009-3969Nov 18, 2009risk 0.03cvss —epss 0.06
Stack-based buffer overflow in Faslo Player 7.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .m3u playlist file.
- CVE-2009-3947Nov 16, 2009risk 0.03cvss —epss 0.05
Buffer overflow in the FTP service on the Tandberg MXP F7.0 allows remote attackers to cause a denial of service (process crash or device reboot) or possibly execute arbitrary code via a long USER command, as demonstrated by a command ending with many space characters.
- CVE-2009-3135Nov 11, 2009risk 0.03cvss —epss 0.36
Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, Office Word Viewer 2003 SP3, and Office Word Viewer allow remote attackers to execute arbitrary code via a Word document with a…
- CVE-2009-3863Nov 4, 2009risk 0.03cvss —epss 0.05
Buffer overflow in the gxmim1.dll ActiveX control in Novell Groupwise Client 7.0.3.1294 allows remote attackers to cause a denial of service (application crash) via a long argument to the SetFontFace method.
- CVE-2009-3861Nov 4, 2009risk 0.03cvss —epss 0.04
Stack-based buffer overflow in SafeNet SoftRemote 10.8.5 (Build 2) and 10.3.5 (Build 6), and possibly other versions before 10.8.9, allows local users to execute arbitrary code via a long string in a (1) TREENAME or (2) GROUPNAME Policy file (spd).
- CVE-2009-3857Nov 4, 2009risk 0.03cvss —epss 0.02
Buffer overflow in Softonic International SciTE 1.72 allows user-assisted remote attackers to cause a denial of service (application crash) via a Ruby (.rb) file containing a long string, which triggers the crash when a scroll bar is used.
- CVE-2009-3838Nov 2, 2009risk 0.03cvss —epss 0.06
Stack-based buffer overflow in Pegasus Mail (PMail) 4.41 and possibly 4.51 allows remote POP3 servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long error message.
- CVE-2009-3811Oct 27, 2009risk 0.03cvss —epss 0.06
Stack-based buffer overflow in Music Tag Editor 1.61 build 212 allows remote attackers to execute arbitrary code via an MP3 file with a long ID3 tag. NOTE: some of these details are obtained from third party information.
- CVE-2009-3810Oct 27, 2009risk 0.03cvss —epss 0.06
Heap-based buffer overflow in Acoustica MP3 Audio Mixer 2.471 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in a .M3U playlist file.