VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 502 of 549
  • CVE-2010-3084Sep 29, 2010
    risk 0.00cvss epss 0.00

    Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel before 2.6.36-rc4 allows local users to cause a denial of service or possibly have unspecified other impact via the ETHTOOL_GRXCLSRLALL ethtool command.

  • CVE-2010-3087Sep 28, 2010
    risk 0.00cvss epss 0.03

    LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TIFF image.

  • CVE-2010-3281Sep 23, 2010
    risk 0.00cvss epss 0.02

    Stack-based buffer overflow in the HTTP proxy service in Alcatel-Lucent OmniVista 4760 server before R5.1.06.03.c_Patch3 allows remote attackers to execute arbitrary code or cause a denial of service (service crash) via a long request.

  • CVE-2010-3415Sep 16, 2010
    risk 0.00cvss epss 0.02

    Google Chrome before 6.0.472.59 does not properly implement Geolocation, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

  • CVE-2010-3414Sep 16, 2010
    risk 0.00cvss epss 0.01

    Google Chrome before 6.0.472.59 on Mac OS X does not properly implement file dialogs, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. NOTE: this issue exists because of an incorrect fix for…

  • CVE-2010-3405Sep 16, 2010
    risk 0.00cvss epss 0.00

    Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1, 1.5, and earlier allows local users to leverage system group membership and gain privileges via unspecified vectors.

  • CVE-2010-2799Sep 14, 2010
    risk 0.00cvss epss 0.03

    Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay is enabled, allows context-dependent attackers to execute arbitrary code via long command-line arguments.

  • CVE-2010-2948Sep 10, 2010
    risk 0.00cvss epss 0.04

    Stack-based buffer overflow in the bgp_route_refresh_receive function in bgp_packet.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a malformed Outbound Route Filtering (ORF)…

  • CVE-2010-1817Sep 9, 2010
    risk 0.00cvss epss 0.03

    Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.

  • CVE-2010-1814Sep 9, 2010
    risk 0.00cvss epss 0.04

    WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus.

  • CVE-2010-1811Sep 9, 2010
    risk 0.00cvss epss 0.03

    ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF file.

  • CVE-2010-3168Sep 9, 2010
    risk 0.00cvss epss 0.05

    Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service…

  • CVE-2010-3166Sep 9, 2010
    risk 0.00cvss epss 0.06

    Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a…

  • CVE-2010-2770Sep 9, 2010
    risk 0.00cvss epss 0.04

    Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 on Mac OS X allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a…

  • CVE-2010-3255Sep 7, 2010
    risk 0.00cvss epss 0.02

    Google Chrome before 6.0.472.53 and webkitgtk before 1.2.6 do not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

  • CVE-2010-3253Sep 7, 2010
    risk 0.00cvss epss 0.01

    The implementation of notification permissions in Google Chrome before 6.0.472.53 allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

  • CVE-2010-2575Aug 30, 2010
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp in Okular in KDE SC 4.3.0 through 4.5.0 allows remote attackers to cause a denial of service (application crash) or possibly execute…

  • CVE-2010-0120Aug 30, 2010
    risk 0.00cvss epss 0.06

    Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allows remote attackers to execute arbitrary code via large size values in QCP audio content.

  • CVE-2010-2882Aug 26, 2010
    risk 0.00cvss epss 0.04

    DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at…

  • CVE-2010-2881Aug 26, 2010
    risk 0.00cvss epss 0.04

    IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at…