CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Parents

CWE-118

Children

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (9,878)

page 393 of 494

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2014-1268	Apple Inc. Mac Os X	—	0.01	Feb 27, 2014	WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270.
CVE-2014-1262	Apple Inc. Mac Os X	—	0.00	Feb 27, 2014	Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption.
CVE-2014-1260	Apple Inc. Mac Os X	—	0.01	Feb 27, 2014	QuickLook in Apple OS X through 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document.
CVE-2014-1259	Apple Inc. Mac Os X	—	0.01	Feb 27, 2014	Buffer overflow in File Bookmark in Apple OS X before 10.9.2 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted filename.
CVE-2014-1258	Apple Inc. Mac Os X	—	0.01	Feb 27, 2014	Heap-based buffer overflow in CoreAnimation in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image.
CVE-2014-1256	Apple Inc. Mac Os X	—	0.00	Feb 27, 2014	Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages.
CVE-2014-1254	Apple Inc. Mac Os X	—	0.01	Feb 27, 2014	Apple Type Services (ATS) in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Type 1 font that is embedded in a document.
CVE-2014-1250	Apple Inc. Quicktime	—	0.04	Feb 27, 2014	Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted ttfo element in a movie file.
CVE-2014-1249	Apple Inc. Quicktime	—	0.05	Feb 27, 2014	Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PSD image.
CVE-2014-1248	Apple Inc. Quicktime	—	0.05	Feb 27, 2014	Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ldat atom in a movie file.
CVE-2014-1247	Apple Inc. Quicktime	—	0.04	Feb 27, 2014	Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted dref atom in a movie file.
CVE-2014-1246	Apple Inc. Quicktime	—	0.05	Feb 27, 2014	Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ftab atom in a movie file.
CVE-2014-1244	Apple Inc. Quicktime	—	0.04	Feb 27, 2014	Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.
CVE-2014-1243	Apple Inc. Quicktime	—	0.04	Feb 27, 2014	Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track list in a movie file.
CVE-2011-4111	Red Hat Enterprise Linux	—	0.01	Feb 26, 2014	Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VSC_ATR message.
CVE-2014-0498	Adobe Inc. Flash Player	—	0.01	Feb 21, 2014	Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2011-3604	Litech Router Advertisement Daemon	—	0.01	Feb 17, 2014	The process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows remote attackers to cause a denial of service (stack-based buffer over-read and crash) via unspecified vectors.
CVE-2011-3601	Litech Router Advertisement Daemon	—	0.02	Feb 17, 2014	Buffer overflow in the process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative value in a label_len value.
CVE-2013-5351	IrfanView Irfanview	—	0.06	Feb 14, 2014	Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code stream in a GIF file.
CVE-2014-1253	Apple Inc. Boot Camp	—	0.00	Feb 14, 2014	AppleMNT.sys in Apple Boot Camp 5 before 5.1 allows local users to cause a denial of service (kernel memory corruption) or possibly have unspecified other impact via a malformed header in a Portable Executable (PE) file.

CVE-2014-1268Feb 27, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.01
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270.
CVE-2014-1262Feb 27, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages that trigger memory corruption.
CVE-2014-1260Feb 27, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.01
QuickLook in Apple OS X through 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document.
CVE-2014-1259Feb 27, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.01
Buffer overflow in File Bookmark in Apple OS X before 10.9.2 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted filename.
CVE-2014-1258Feb 27, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.01
Heap-based buffer overflow in CoreAnimation in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image.
CVE-2014-1256Feb 27, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.00
Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to bypass the App Sandbox protection mechanism via crafted Mach messages.
CVE-2014-1254Feb 27, 2014
Apple Inc.
Mac Os X
risk 0.00cvss —epss 0.01
Apple Type Services (ATS) in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Type 1 font that is embedded in a document.
CVE-2014-1250Feb 27, 2014
Apple Inc.
Quicktime
risk 0.00cvss —epss 0.04
Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted ttfo element in a movie file.
CVE-2014-1249Feb 27, 2014
Apple Inc.
Quicktime
risk 0.00cvss —epss 0.05
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PSD image.
CVE-2014-1248Feb 27, 2014
Apple Inc.
Quicktime
risk 0.00cvss —epss 0.05
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ldat atom in a movie file.
CVE-2014-1247Feb 27, 2014
Apple Inc.
Quicktime
risk 0.00cvss —epss 0.04
Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted dref atom in a movie file.
CVE-2014-1246Feb 27, 2014
Apple Inc.
Quicktime
risk 0.00cvss —epss 0.05
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ftab atom in a movie file.
CVE-2014-1244Feb 27, 2014
Apple Inc.
Quicktime
risk 0.00cvss —epss 0.04
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.
CVE-2014-1243Feb 27, 2014
Apple Inc.
Quicktime
risk 0.00cvss —epss 0.04
Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track list in a movie file.
CVE-2011-4111Feb 26, 2014
Red Hat
Enterprise Linux
risk 0.00cvss —epss 0.01
Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VSC_ATR message.
CVE-2014-0498Feb 21, 2014
Adobe Inc.
Flash Player
risk 0.00cvss —epss 0.01
Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2011-3604Feb 17, 2014
Litech
Router Advertisement Daemon
risk 0.00cvss —epss 0.01
The process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows remote attackers to cause a denial of service (stack-based buffer over-read and crash) via unspecified vectors.
CVE-2011-3601Feb 17, 2014
Litech
Router Advertisement Daemon
risk 0.00cvss —epss 0.02
Buffer overflow in the process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative value in a label_len value.
CVE-2013-5351Feb 14, 2014
IrfanView
Irfanview
risk 0.00cvss —epss 0.06
Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code stream in a GIF file.
CVE-2014-1253Feb 14, 2014
Apple Inc.
Boot Camp
risk 0.00cvss —epss 0.00
AppleMNT.sys in Apple Boot Camp 5 before 5.1 allows local users to cause a denial of service (kernel memory corruption) or possibly have unspecified other impact via a malformed header in a Portable Executable (PE) file.