CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (10,979)
page 308 of 549| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-7079 | 0.03 | — | 0.06 | Aug 25, 2009 | Buffer overflow in Nero ShowTime 5.0.15.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long entry in a .M3U playlist file. NOTE: this issue might be related to CVE-2008-0619. | |||
| CVE-2009-2917 | 0.03 | — | 0.03 | Aug 21, 2009 | Stack-based buffer overflow in ImTOO MPEG Encoder 3.1.53 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted string in a (1) .cue or (2) .m3u playlist file. | |||
| CVE-2009-2896 | 0.03 | — | 0.06 | Aug 20, 2009 | Buffer overflow in KMplayer 2.9.4.1433 and earlier allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long string in a subtitle (.srt) playlist file. NOTE: some of these details are obtained from third party information. | |||
| CVE-2008-7015 | 0.03 | — | 0.03 | Aug 19, 2009 | Unreal engine 3, as used in Unreal Tournament 3 1.3, Frontlines: Fuel of War 1.1.1, and other products, allows remote attackers to cause a denial of service (server exit) via a packet with a large length value that triggers a memory allocation failure. | |||
| CVE-2008-7009 | 0.03 | — | 0.01 | Aug 19, 2009 | Buffer overflow in multiscan.exe in Check Point ZoneAlarm Security Suite 7.0.483.000 and 8.0.020.000 allows local users to execute arbitrary code via a file or directory with a long path. NOTE: some of these details are obtained from third party information. | |||
| CVE-2009-2767 | 0.03 | — | 0.01 | Aug 14, 2009 | The init_posix_timers function in kernel/posix-timers.c in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (OOPS) or possibly gain privileges via a CLOCK_MONOTONIC_RAW clock_nanosleep call that triggers a NULL pointer dereference. | |||
| CVE-2009-1929 | 0.03 | — | 0.35 | Aug 12, 2009 | Heap-based buffer overflow in the Microsoft Terminal Services Client ActiveX control running RDP 6.1 on Windows XP SP2, Vista SP1 or SP2, or Server 2008 Gold or SP2; or 5.2 or 6.1 on Windows XP SP3; allows remote attackers to execute arbitrary code via unspecified parameters to… | |||
| CVE-2008-6899 | 0.03 | — | 0.05 | Aug 5, 2009 | Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a long (1) open, (2) unlink, (3) mkdir, (4) rmdir, or (5) stat SFTP command. | |||
| CVE-2008-6897 | 0.03 | — | 0.06 | Aug 5, 2009 | Multiple buffer overflows in Getleft.exe in Andres Garcia Getleft 1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) "a" HTML tag; a long src attribute in (2) embed, (3) img, or (4) script tags; (5) a long… | |||
| CVE-2009-2617 | 0.03 | — | 0.06 | Jul 27, 2009 | Stack-based buffer overflow in medialib.dll in BaoFeng Storm 3.9.62 allows remote attackers to execute arbitrary code via a long pathname in the source attribute of an item element in a .smpl playlist file. | |||
| CVE-2009-2568 | 0.03 | — | 0.06 | Jul 22, 2009 | Stack-based buffer overflow in Sorinara Streaming Audio Player (SAP) 0.9 allows remote attackers to execute arbitrary code via a long string in a playlist (.m3u) file. | |||
| CVE-2009-1897 | 0.03 | — | 0.02 | Jul 20, 2009 | The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in the Linux kernel 2.6.30 and 2.6.30.1, when the -fno-delete-null-pointer-checks gcc option is omitted, allows local users to gain privileges via vectors involving a NULL pointer dereference and an mmap of… | |||
| CVE-2009-2450 | 0.03 | — | 0.01 | Jul 13, 2009 | The OAmon.sys kernel driver 3.1.0.0 and earlier in Tall Emu Online Armor Personal Firewall AV+ before 3.5.0.12, and Personal Firewall 3.5 before 3.5.0.14, allows local users to gain privileges via crafted METHOD_NEITHER IOCTL requests to \Device\OAmon containing arbitrary kernel… | |||
| CVE-2009-2384 | 0.03 | — | 0.06 | Jul 8, 2009 | Buffer overflow in amp.exe in Brothersoft PEamp 1.02b allows user-assisted remote attackers to execute arbitrary code via a long string in a .m3u playlist file. NOTE: some of these details are obtained from third party information. | |||
| CVE-2009-2377 | 0.03 | — | 0.02 | Jul 8, 2009 | Buffer overflow in the Avax Vector ActiveX control in avPreview.ocx in AVAX-software Avax Vector ActiveX 1.3 allows remote attackers to cause a denial of service (application crash) via a long PrinterName property. | |||
| CVE-2009-2375 | 0.03 | — | 0.05 | Jul 8, 2009 | Stack-based buffer overflow in Photo DVD Maker 8.02, and possibly earlier versions, allows remote attackers to execute arbitrary code via a long File_Name parameter in a .pdm file. NOTE: some of these details are obtained from third party information. | |||
| CVE-2009-2363 | 0.03 | — | 0.06 | Jul 8, 2009 | Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.00.215 allows remote attackers to execute arbitrary code via a .pls playlist file with a playlist entry containing a long File1 argument. | |||
| CVE-2009-2286 | 0.03 | — | 0.03 | Jul 1, 2009 | Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service (crash) via a long declaration in a .xbm file. NOTE: this issue only affects compface on distributions that used a certain patch. | |||
| CVE-2009-1533 | 0.03 | — | 0.36 | Jun 10, 2009 | Buffer overflow in the Works for Windows document converters in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, Office 2007 SP1, and Works 8.5 and 9 allows remote attackers to execute arbitrary code via a crafted Works .wps file that triggers memory corruption, aka… | |||
| CVE-2009-1915 | 0.03 | — | 0.05 | Jun 4, 2009 | Stack-based buffer overflow in the URL Search Hook (ICQToolBar.dll) in ICQ 6.5 allows remote attackers to cause a denial of service (persistent crash) and possibly execute arbitrary code via an Internet shortcut .URL file containing a long URL parameter, which triggers a crash… |
- CVE-2008-7079Aug 25, 2009risk 0.03cvss —epss 0.06
Buffer overflow in Nero ShowTime 5.0.15.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long entry in a .M3U playlist file. NOTE: this issue might be related to CVE-2008-0619.
- CVE-2009-2917Aug 21, 2009risk 0.03cvss —epss 0.03
Stack-based buffer overflow in ImTOO MPEG Encoder 3.1.53 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted string in a (1) .cue or (2) .m3u playlist file.
- CVE-2009-2896Aug 20, 2009risk 0.03cvss —epss 0.06
Buffer overflow in KMplayer 2.9.4.1433 and earlier allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long string in a subtitle (.srt) playlist file. NOTE: some of these details are obtained from third party information.
- CVE-2008-7015Aug 19, 2009risk 0.03cvss —epss 0.03
Unreal engine 3, as used in Unreal Tournament 3 1.3, Frontlines: Fuel of War 1.1.1, and other products, allows remote attackers to cause a denial of service (server exit) via a packet with a large length value that triggers a memory allocation failure.
- CVE-2008-7009Aug 19, 2009risk 0.03cvss —epss 0.01
Buffer overflow in multiscan.exe in Check Point ZoneAlarm Security Suite 7.0.483.000 and 8.0.020.000 allows local users to execute arbitrary code via a file or directory with a long path. NOTE: some of these details are obtained from third party information.
- CVE-2009-2767Aug 14, 2009risk 0.03cvss —epss 0.01
The init_posix_timers function in kernel/posix-timers.c in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (OOPS) or possibly gain privileges via a CLOCK_MONOTONIC_RAW clock_nanosleep call that triggers a NULL pointer dereference.
- CVE-2009-1929Aug 12, 2009risk 0.03cvss —epss 0.35
Heap-based buffer overflow in the Microsoft Terminal Services Client ActiveX control running RDP 6.1 on Windows XP SP2, Vista SP1 or SP2, or Server 2008 Gold or SP2; or 5.2 or 6.1 on Windows XP SP3; allows remote attackers to execute arbitrary code via unspecified parameters to…
- CVE-2008-6899Aug 5, 2009risk 0.03cvss —epss 0.05
Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a long (1) open, (2) unlink, (3) mkdir, (4) rmdir, or (5) stat SFTP command.
- CVE-2008-6897Aug 5, 2009risk 0.03cvss —epss 0.06
Multiple buffer overflows in Getleft.exe in Andres Garcia Getleft 1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) "a" HTML tag; a long src attribute in (2) embed, (3) img, or (4) script tags; (5) a long…
- CVE-2009-2617Jul 27, 2009risk 0.03cvss —epss 0.06
Stack-based buffer overflow in medialib.dll in BaoFeng Storm 3.9.62 allows remote attackers to execute arbitrary code via a long pathname in the source attribute of an item element in a .smpl playlist file.
- CVE-2009-2568Jul 22, 2009risk 0.03cvss —epss 0.06
Stack-based buffer overflow in Sorinara Streaming Audio Player (SAP) 0.9 allows remote attackers to execute arbitrary code via a long string in a playlist (.m3u) file.
- CVE-2009-1897Jul 20, 2009risk 0.03cvss —epss 0.02
The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in the Linux kernel 2.6.30 and 2.6.30.1, when the -fno-delete-null-pointer-checks gcc option is omitted, allows local users to gain privileges via vectors involving a NULL pointer dereference and an mmap of…
- CVE-2009-2450Jul 13, 2009risk 0.03cvss —epss 0.01
The OAmon.sys kernel driver 3.1.0.0 and earlier in Tall Emu Online Armor Personal Firewall AV+ before 3.5.0.12, and Personal Firewall 3.5 before 3.5.0.14, allows local users to gain privileges via crafted METHOD_NEITHER IOCTL requests to \Device\OAmon containing arbitrary kernel…
- CVE-2009-2384Jul 8, 2009risk 0.03cvss —epss 0.06
Buffer overflow in amp.exe in Brothersoft PEamp 1.02b allows user-assisted remote attackers to execute arbitrary code via a long string in a .m3u playlist file. NOTE: some of these details are obtained from third party information.
- CVE-2009-2377Jul 8, 2009risk 0.03cvss —epss 0.02
Buffer overflow in the Avax Vector ActiveX control in avPreview.ocx in AVAX-software Avax Vector ActiveX 1.3 allows remote attackers to cause a denial of service (application crash) via a long PrinterName property.
- CVE-2009-2375Jul 8, 2009risk 0.03cvss —epss 0.05
Stack-based buffer overflow in Photo DVD Maker 8.02, and possibly earlier versions, allows remote attackers to execute arbitrary code via a long File_Name parameter in a .pdm file. NOTE: some of these details are obtained from third party information.
- CVE-2009-2363Jul 8, 2009risk 0.03cvss —epss 0.06
Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.00.215 allows remote attackers to execute arbitrary code via a .pls playlist file with a playlist entry containing a long File1 argument.
- CVE-2009-2286Jul 1, 2009risk 0.03cvss —epss 0.03
Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service (crash) via a long declaration in a .xbm file. NOTE: this issue only affects compface on distributions that used a certain patch.
- CVE-2009-1533Jun 10, 2009risk 0.03cvss —epss 0.36
Buffer overflow in the Works for Windows document converters in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, Office 2007 SP1, and Works 8.5 and 9 allows remote attackers to execute arbitrary code via a crafted Works .wps file that triggers memory corruption, aka…
- CVE-2009-1915Jun 4, 2009risk 0.03cvss —epss 0.05
Stack-based buffer overflow in the URL Search Hook (ICQToolBar.dll) in ICQ 6.5 allows remote attackers to cause a denial of service (persistent crash) and possibly execute arbitrary code via an Internet shortcut .URL file containing a long URL parameter, which triggers a crash…