CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (10,979)
page 535 of 549| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-5937 | 0.00 | — | 0.03 | Nov 13, 2007 | Multiple buffer overflows in dvi2xx.c in dviljk in teTeX and TeXlive 2007 and earlier might allow user-assisted attackers to execute arbitrary code via a crafted DVI input file. | |||
| CVE-2007-5935 | 0.00 | — | 0.04 | Nov 13, 2007 | Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag. | |||
| CVE-2007-5929 | 0.00 | — | 0.04 | Nov 10, 2007 | Buffer overflow in OpenBase 10.0.5 and earlier might allow remote authenticated users to execute arbitrary code or cause a denial of service (daemon crash) by creating a stored procedure with a long name and invoking this procedure, which triggers heap corruption. | |||
| CVE-2007-5904 | 0.00 | — | 0.02 | Nov 9, 2007 | Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function. | |||
| CVE-2007-5897 | 0.00 | — | 0.04 | Nov 8, 2007 | Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, 9iR2 up to 9.2.0.6, and 10gR1 up to 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via the TRANSFORM function. NOTE: this issue might already be… | |||
| CVE-2007-5116 | 0.00 | — | 0.05 | Nov 7, 2007 | Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression. | |||
| CVE-2007-1660 | 0.00 | — | 0.04 | Nov 7, 2007 | Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service (crash) and possibly execute… | |||
| CVE-2007-1659 | 0.00 | — | 0.04 | Nov 7, 2007 | Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes. | |||
| CVE-2007-4768 | 0.00 | — | 0.04 | Nov 7, 2007 | Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized. | |||
| CVE-2007-5814 | 0.00 | — | 0.06 | Nov 5, 2007 | Multiple buffer overflows in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allow remote attackers to execute arbitrary code via a long (1) serverAddress, (2) sessionId, (3) clientIPLower, (4) clientIPHigher, (5)… | |||
| CVE-2007-5807 | 0.00 | — | 0.03 | Nov 5, 2007 | Buffer overflow in the register function in Ultra Star Reader ActiveX control in SSReader allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild. NOTE: the provenance of this information is unknown; the details are obtained solely… | |||
| CVE-2007-4621 | 0.00 | — | 0.00 | Nov 5, 2007 | Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments. | |||
| CVE-2007-4623 | 0.00 | — | 0.01 | Nov 5, 2007 | Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via a long parameter to the m command. | |||
| CVE-2007-4217 | 0.00 | — | 0.00 | Nov 5, 2007 | Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long parameter to a macro, as demonstrated by executing a macro via the '$' command. | |||
| CVE-2007-4513 | 0.00 | — | 0.01 | Nov 5, 2007 | Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the (1) "-p" option to lqueryvg or (2) the "-V" option to lquerypv. | |||
| CVE-2007-5197 | 0.00 | — | 0.04 | Nov 2, 2007 | Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute arbitrary code via unspecified vectors related to Reduce in Montgomery-based Pow methods. | |||
| CVE-2007-5788 | 0.00 | — | 0.02 | Nov 1, 2007 | Buffer overflow in the SIP parser on the Grandstream HT-488 0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP INVITE message. | |||
| CVE-2007-5081 | 0.00 | — | 0.05 | Oct 31, 2007 | Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file. | |||
| CVE-2007-4345 | 0.00 | — | 0.03 | Oct 31, 2007 | Buffer overflow in IMail Client 9.22, as shipped with IPSwitch IMail Server 2006.22, allows remote attackers to execute arbitrary code via a long boundary parameter in a multipart MIME e-mail message. | |||
| CVE-2007-4277 | 0.00 | — | 0.00 | Oct 30, 2007 | The Trend Micro AntiVirus scan engine before 8.550-1001, as used in Trend Micro PC-Cillin Internet Security 2007, and Tmxpflt.sys 8.320.1004 and 8.500.0.1002, has weak permissions (Everyone:Write) for the \\.\Tmfilter device, which allows local users to send arbitrary content to… |
- CVE-2007-5937Nov 13, 2007risk 0.00cvss —epss 0.03
Multiple buffer overflows in dvi2xx.c in dviljk in teTeX and TeXlive 2007 and earlier might allow user-assisted attackers to execute arbitrary code via a crafted DVI input file.
- CVE-2007-5935Nov 13, 2007risk 0.00cvss —epss 0.04
Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag.
- CVE-2007-5929Nov 10, 2007risk 0.00cvss —epss 0.04
Buffer overflow in OpenBase 10.0.5 and earlier might allow remote authenticated users to execute arbitrary code or cause a denial of service (daemon crash) by creating a stored procedure with a long name and invoking this procedure, which triggers heap corruption.
- CVE-2007-5904Nov 9, 2007risk 0.00cvss —epss 0.02
Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function.
- CVE-2007-5897Nov 8, 2007risk 0.00cvss —epss 0.04
Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, 9iR2 up to 9.2.0.6, and 10gR1 up to 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via the TRANSFORM function. NOTE: this issue might already be…
- CVE-2007-5116Nov 7, 2007risk 0.00cvss —epss 0.05
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
- CVE-2007-1660Nov 7, 2007risk 0.00cvss —epss 0.04
Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service (crash) and possibly execute…
- CVE-2007-1659Nov 7, 2007risk 0.00cvss —epss 0.04
Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes.
- CVE-2007-4768Nov 7, 2007risk 0.00cvss —epss 0.04
Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized.
- CVE-2007-5814Nov 5, 2007risk 0.00cvss —epss 0.06
Multiple buffer overflows in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allow remote attackers to execute arbitrary code via a long (1) serverAddress, (2) sessionId, (3) clientIPLower, (4) clientIPHigher, (5)…
- CVE-2007-5807Nov 5, 2007risk 0.00cvss —epss 0.03
Buffer overflow in the register function in Ultra Star Reader ActiveX control in SSReader allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild. NOTE: the provenance of this information is unknown; the details are obtained solely…
- CVE-2007-4621Nov 5, 2007risk 0.00cvss —epss 0.00
Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments.
- CVE-2007-4623Nov 5, 2007risk 0.00cvss —epss 0.01
Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via a long parameter to the m command.
- CVE-2007-4217Nov 5, 2007risk 0.00cvss —epss 0.00
Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long parameter to a macro, as demonstrated by executing a macro via the '$' command.
- CVE-2007-4513Nov 5, 2007risk 0.00cvss —epss 0.01
Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the (1) "-p" option to lqueryvg or (2) the "-V" option to lquerypv.
- CVE-2007-5197Nov 2, 2007risk 0.00cvss —epss 0.04
Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute arbitrary code via unspecified vectors related to Reduce in Montgomery-based Pow methods.
- CVE-2007-5788Nov 1, 2007risk 0.00cvss —epss 0.02
Buffer overflow in the SIP parser on the Grandstream HT-488 0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP INVITE message.
- CVE-2007-5081Oct 31, 2007risk 0.00cvss —epss 0.05
Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file.
- CVE-2007-4345Oct 31, 2007risk 0.00cvss —epss 0.03
Buffer overflow in IMail Client 9.22, as shipped with IPSwitch IMail Server 2006.22, allows remote attackers to execute arbitrary code via a long boundary parameter in a multipart MIME e-mail message.
- CVE-2007-4277Oct 30, 2007risk 0.00cvss —epss 0.00
The Trend Micro AntiVirus scan engine before 8.550-1001, as used in Trend Micro PC-Cillin Internet Security 2007, and Tmxpflt.sys 8.320.1004 and 8.500.0.1002, has weak permissions (Everyone:Write) for the \\.\Tmfilter device, which allows local users to send arbitrary content to…