VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 538 of 549
  • CVE-2007-4137Sep 18, 2007
    risk 0.00cvss epss 0.02

    Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the…

  • CVE-2007-4943Sep 18, 2007
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in a certain ActiveX control in sparser.dll in Baofeng Storm 2.8 and earlier allow remote attackers to execute arbitrary code via malformed input in an unknown set of arguments or property values, a different DLL than CVE-2007-4816. NOTE: the…

  • CVE-2007-3739Sep 14, 2007
    risk 0.00cvss epss 0.00

    mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not prevent stack expansion from entering into reserved kernel page memory, which allows local users to cause a denial of service (OOPS) via unspecified vectors.

  • CVE-2007-4823Sep 11, 2007
    risk 0.00cvss epss 0.00

    Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory.

  • CVE-2007-4730Sep 11, 2007
    risk 0.00cvss epss 0.01

    Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server before 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap.

  • CVE-2007-4792Sep 10, 2007
    risk 0.00cvss epss 0.00

    Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.

  • CVE-2007-4794Sep 10, 2007
    risk 0.00cvss epss 0.00

    Buffer overflow in fcstat in devices.common.IBM.fc.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long input parameter.

  • CVE-2007-4795Sep 10, 2007
    risk 0.00cvss epss 0.00

    Buffer overflow in mkpath in bos.rte.methods in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long ODM name.

  • CVE-2007-4791Sep 10, 2007
    risk 0.00cvss epss 0.00

    Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2005-3504 and CVE-2007-0978.

  • CVE-2007-4796Sep 10, 2007
    risk 0.00cvss epss 0.00

    Buffer overflow in uucp in bos.net.uucp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

  • CVE-2007-4797Sep 10, 2007
    risk 0.00cvss epss 0.00

    Multiple buffer overflows in unspecified svprint (System V print) commands in bos.svprint.rte in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors.

  • CVE-2007-4793Sep 10, 2007
    risk 0.00cvss epss 0.00

    Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

  • CVE-2007-4758Sep 8, 2007
    risk 0.00cvss epss 0.06

    Multiple buffer overflows in the image-processing APIs in Cosminexus Developer's Kit for Java in Cosminexus 4 through 7 allow remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors.

  • CVE-2007-4759Sep 8, 2007
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in the image-processing APIs in Cosminexus Developer's Kit for Java in Cosminexus 4 through 7 allow remote attackers to cause a denial of service via unspecified vectors.

  • CVE-2007-4743Sep 6, 2007
    risk 0.00cvss epss 0.05

    The original patch for CVE-2007-3999 in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and other applications that use krb5, does not correctly check the buffer length in some…

  • CVE-2007-3752Sep 6, 2007
    risk 0.00cvss epss 0.06

    Heap-based buffer overflow in Apple iTunes before 7.4 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted album cover art in the covr atom of an MP4/AAC file.

  • CVE-2007-0322Sep 5, 2007
    risk 0.00cvss epss 0.06

    Multiple stack-based buffer overflows in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to execute arbitrary code via unspecified vectors.

  • CVE-2007-4662Sep 4, 2007
    risk 0.00cvss epss 0.03

    Buffer overflow in the php_openssl_make_REQ function in PHP before 5.2.4 has unknown impact and attack vectors.

  • CVE-2007-4657Sep 4, 2007
    risk 0.00cvss epss 0.03

    Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a large len value to the (1) strspn or (2) strcspn function, which triggers an…

  • CVE-2007-4668Sep 4, 2007
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the server in Firebird before 2.0.2 allows remote attackers to determine the existence of arbitrary files, and possibly obtain other "file access," via unknown vectors, aka CORE-1312.