VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 483 of 549
  • CVE-2011-2813Oct 12, 2011
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in…

  • CVE-2011-2811Oct 12, 2011
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in…

  • CVE-2011-2809Oct 12, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in…

  • CVE-2011-2356Oct 12, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in…

  • CVE-2011-2354Oct 12, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in…

  • CVE-2011-2352Oct 12, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in…

  • CVE-2011-2341Oct 12, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in…

  • CVE-2011-2339Oct 12, 2011
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in…

  • CVE-2011-2338Oct 12, 2011
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in…

  • CVE-2011-0259Oct 12, 2011
    risk 0.00cvss epss 0.03

    CoreFoundation, as used in Apple iTunes before 10.5, does not properly perform string tokenization, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

  • CVE-2011-3323Oct 10, 2011
    risk 0.00cvss epss 0.05

    The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) via a Link State Update message with an invalid IPv6 prefix length.

  • CVE-2011-2663Oct 8, 2011
    risk 0.00cvss epss 0.05

    Array index error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted yearly RRULE variable in a VCALENDAR attachment in an e-mail message.

  • CVE-2011-0334Oct 8, 2011
    risk 0.00cvss epss 0.05

    Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a long HTTP request for a .css file.

  • CVE-2011-0333Oct 8, 2011
    risk 0.00cvss epss 0.06

    Heap-based buffer overflow in the NgwiCalVTimeZoneBody::ParseSelf function in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted TZNAME variable in a VCALENDAR attachment in an e-mail…

  • CVE-2011-3868Oct 7, 2011
    risk 0.00cvss epss 0.06

    Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image.

  • CVE-2011-3332Oct 6, 2011
    risk 0.00cvss epss 0.06

    Stack-based buffer overflow in Iceni Argus 6.20 and earlier and Infix 5.04 allows remote attackers to execute arbitrary code via a crafted PDF document that uses flate compression.

  • CVE-2011-3873Oct 4, 2011
    risk 0.00cvss epss 0.01

    Google Chrome before 14.0.835.202 does not properly implement shader translation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

  • CVE-2011-2881Oct 4, 2011
    risk 0.00cvss epss 0.01

    Google Chrome before 14.0.835.202 does not properly handle Google V8 hidden objects, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.

  • CVE-2011-3005Sep 29, 2011
    risk 0.00cvss epss 0.04

    Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OGG headers in a .ogg file.

  • CVE-2011-3003Sep 29, 2011
    risk 0.00cvss epss 0.04

    Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unspecified WebGL test case that triggers a memory-allocation error and a resulting out-of-bounds write operation.