VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 312 of 549
  • CVE-2008-5229Nov 25, 2008
    risk 0.03cvss epss 0.03

    Stack-based buffer overflow in Microsoft Device IO Control in iphlpapi.dll in Microsoft Windows Vista Gold and SP1 allows local users in the Network Configuration Operator group to gain privileges or cause a denial of service (system crash) via a large invalid PrefixLength to…

  • CVE-2008-5073Nov 14, 2008
    risk 0.03cvss epss 0.05

    Heap-based buffer overflow in an ActiveX control in Novell ZENworks Desktop Management 6.5 allows remote attackers to execute arbitrary code via a long argument to the CanUninstall method.

  • CVE-2008-5049Nov 13, 2008
    risk 0.03cvss epss 0.01

    Buffer overflow in AKEProtect.sys 3.3.3.0 in ISecSoft Anti-Keylogger Elite 3.3.0 and earlier, and possibly other versions including 3.3.3, allows local users to gain privileges via long inputs to the (1) 0x002224A4, (2) 0x002224C0, and (3) 0x002224CC IOCTL.

  • CVE-2008-5048Nov 13, 2008
    risk 0.03cvss epss 0.01

    Buffer overflow in Atepmon.sys in ISecSoft Anti-Trojan Elite 4.2.1 and earlier, and possibly 4.2.2, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via long inputs to the 0x00222494 IOCTL.

  • CVE-2008-5045Nov 13, 2008
    risk 0.03cvss epss 0.03

    Heap-based buffer overflow in Network-Client FTP Now 2.6, and possibly other versions, allows remote FTP servers to cause a denial of service (crash) via a 200 server response that is exactly 1024 characters long.

  • CVE-2008-4750Oct 27, 2008
    risk 0.03cvss epss 0.06

    Stack-based buffer overflow in the VImpX.VImpAX ActiveX control (VImpX.ocx) 4.8.8.0 in DB Software Laboratory VImp X, possibly 4.7.7, allows remote attackers to execute arbitrary code via a long LogFile property.

  • CVE-2008-4038Oct 15, 2008
    risk 0.03cvss epss 0.39

    Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a Server Message Block (SMB) request that contains a filename with a crafted length, aka "SMB Buffer…

  • CVE-2008-4548Oct 14, 2008
    risk 0.03cvss epss 0.06

    Stack-based buffer overflow in the PTZCamPanelCtrl ActiveX control (CamPanel.dll) in RTS Sentry 2.1.0.2 allows remote attackers to execute arbitrary code via a long second argument to the ConnectServer method.

  • CVE-2008-4508Oct 9, 2008
    risk 0.03cvss epss 0.06

    Stack-based buffer overflow in the file parsing function in Tonec Internet Download Manager, possibly 5.14 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted AppleDouble file containing a long string. …

  • CVE-2008-4470Oct 7, 2008
    risk 0.03cvss epss 0.05

    Stack-based buffer overflow in Numark CUE 5.0 rev2 allows user-assisted attackers to cause a denial of service (application crash) or execute arbitrary code via an M3U playlist file that contains a long absolute pathname.

  • CVE-2008-4452Oct 6, 2008
    risk 0.03cvss epss 0.05

    Buffer overflow in Cambridge Computer Corporation vxFtpSrv 2.0.3 allows remote attackers to cause a denial of service (crash and hang) and possibly execute arbitrary code via a long CWD request.

  • CVE-2008-4321Sep 29, 2008
    risk 0.03cvss epss 0.06

    Buffer overflow in FlashGet (formerly JetCar) FTP 1.9 allows remote FTP servers to execute arbitrary code via a long response to the PWD command.

  • CVE-2008-4087Sep 15, 2008
    risk 0.03cvss epss 0.03

    Stack-based buffer overflow in Acoustica Beatcraft 1.02 Build 19 allows user-assisted attackers to cause a denial of service or execute arbitrary code via a Beatcraft Project (aka bcproj) file with a long string in a certain instruments title field.

  • CVE-2008-3014Sep 11, 2008
    risk 0.03cvss epss 0.37

    Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer…

  • CVE-2008-3531Sep 5, 2008
    risk 0.03cvss epss 0.01

    Stack-based buffer overflow in sys/kern/vfs_mount.c in the kernel in FreeBSD 7.0 and 7.1, when vfs.usermount is enabled, allows local users to gain privileges via a crafted (1) mount or (2) nmount system call, related to copying of "user defined data" in "certain error…

  • CVE-2008-3733Aug 20, 2008
    risk 0.03cvss epss 0.06

    Stack-based buffer overflow in EO Video (eo-video) 1.36 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .eop (aka playlist) file with a ProjectElement element that contains a long Name element.

  • CVE-2008-3606Aug 12, 2008
    risk 0.03cvss epss 0.04

    Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service (resource exhaustion) or possibly execute arbitrary code via a long argument to the LIST command. NOTE: some of these details are…

  • CVE-2008-3583Aug 10, 2008
    risk 0.03cvss epss 0.05

    Buffer overflow in the HTML parser in IntelliTamper 2.07 allows remote attackers to execute arbitrary code via a long URL in the SRC attribute of an IMG element. NOTE: this might be related to CVE-2008-3360. NOTE: it was later reported that 2.08 Beta 4 is also affected.

  • CVE-2008-3430Jul 31, 2008
    risk 0.03cvss epss 0.06

    Buffer overflow in the CoVideoWindow.ocx ActiveX control 5.0.907.1 in Eyeball MessengerSDK, as used in products such as SiOL Komunikator 1.3, allows remote attackers to execute arbitrary code via a large argument supplied to the BGColor method. NOTE: this might only be a…

  • CVE-2008-3361Jul 29, 2008
    risk 0.03cvss epss 0.04

    Stack-based buffer overflow in IntelliTamper 2.07 allows remote web sites to execute arbitrary code via a long HTTP Server header.