VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 530 of 549
  • CVE-2008-0992Mar 18, 2008
    risk 0.00cvss epss 0.03

    Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbitrary code via an archive with a crafted length value.

  • CVE-2008-0997Mar 18, 2008
    risk 0.00cvss epss 0.04

    Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows user-assisted remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted PostScript Printer Description (PPD) file that is not properly handled when…

  • CVE-2008-0048Mar 18, 2008
    risk 0.00cvss epss 0.04

    Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via the a long file name to the NSDocument API.

  • CVE-2008-0044Mar 18, 2008
    risk 0.00cvss epss 0.04

    Multiple buffer overflows in AFP Client in Apple Mac OS X 10.4.11 and 10.5.2 allow remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted afp:// URL.

  • CVE-2008-1372Mar 18, 2008
    risk 0.00cvss epss 0.05

    bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.

  • CVE-2008-0727Mar 18, 2008
    risk 0.00cvss epss 0.05

    Multiple buffer overflows in oninit.exe in IBM Informix Dynamic Server (IDS) 7.x through 11.x allow (1) remote attackers to execute arbitrary code via a long password and (2) remote authenticated users to execute arbitrary code via a long DBPATH value.

  • CVE-2008-1282Mar 10, 2008
    risk 0.00cvss epss 0.06

    Buffer overflow in the BFup ActiveX control (BFup.dll) in B21Soft BFup before 1.0.802.29 allows remote attackers to execute arbitrary code via a long FilePath parameter.

  • CVE-2008-1266Mar 10, 2008
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in the web interface on the D-Link DI-524 router allow remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact via (1) a long username or (2) an HTTP header with a large name and an empty value.

  • CVE-2008-1227Mar 10, 2008
    risk 0.00cvss epss 0.04

    Stack-based buffer overflow in the silc_fingerprint function in lib/silcutil/silcutil.c in Secure Internet Live Conferencing (SILC) Toolkit 1.1.5, and unspecified earlier versions, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code…

  • CVE-2008-1207Mar 8, 2008
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in Fujitsu Interstage Smart Repository, as used in multiple Fujitsu Interstage products, allow remote attackers to cause a denial of service (daemon crash) via (1) an invalid request or (2) a large amount of data sent to the registered…

  • CVE-2008-1210Mar 8, 2008
    risk 0.00cvss epss 0.04

    Stack-based buffer overflow in the ctags parsing code in Programmer's Notepad before 2.0.8.718 allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted .c file, when the victim selects the Jump To dialog. …

  • CVE-2008-1096Mar 5, 2008
    risk 0.00cvss epss 0.05

    The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an…

  • CVE-2007-6252Mar 3, 2008
    risk 0.00cvss epss 0.03

    Multiple stack-based buffer overflows in the Learn2 Corporation STRunner (aka Street Technologies) ActiveX control in iestm32.dll allow remote attackers to execute arbitrary code via unspecified vectors.

  • CVE-2008-0304Feb 29, 2008
    risk 0.00cvss epss 0.06

    Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message preview.

  • CVE-2007-5397Feb 28, 2008
    risk 0.00cvss epss 0.03

    Heap-based buffer overflow in the activePDF Server service (aka APServer.exe) in activePDF Server 3.8.4 and 3.8.5.14, and possibly other versions before 3.8.6.16, allows remote attackers to execute arbitrary code via a packet with a size field that is less than the actual size…

  • CVE-2008-0309Feb 28, 2008
    risk 0.00cvss epss 0.04

    Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a…

  • CVE-2008-1056Feb 28, 2008
    risk 0.00cvss epss 0.00

    Multiple stack-based buffer overflows in Symark PowerBroker 2.8 through 5.0.1 allow local users to gain privileges via a long argv[0] string when executing (1) pbrun, (2) pbsh, or (3) pbksh. NOTE: the product is often installed in environments with trust relationships that…

  • CVE-2008-1040Feb 27, 2008
    risk 0.00cvss epss 0.05

    Buffer overflow in the Single Sign-On function in Fujitsu Interstage Application Server 8.0.0 through 8.0.3 and 9.0.0, Interstage Studio 8.0.1 and 9.0.0, and Interstage Apworks 8.0.0 allows remote attackers to execute arbitrary code via a long URI.

  • CVE-2008-0973Feb 25, 2008
    risk 0.00cvss epss 0.02

    Buffer overflow in Double-Take (aka HP StorageWorks Storage Mirroring) 4.5.0.1629, and other 4.5.0.x versions, allows remote attackers to have an unknown impact via a packet with a long string in the username field.

  • CVE-2008-0638Feb 21, 2008
    risk 0.00cvss epss 0.06

    Heap-based buffer overflow in the Veritas Enterprise Administrator (VEA) service (aka vxsvc.exe) in Symantec Veritas Storage Foundation 5.0 allows remote attackers to execute arbitrary code via a packet with a crafted value of a certain size field, which is not checked for…