VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (11,748)

page 586 of 588
  • CVE-2004-0220May 4, 2004
    risk 0.00cvss epss 0.05

    isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert Request payload, which causes an integer underflow that is used in a malloc operation that is not properly handled, as demonstrated by the Striker…

  • CVE-2003-1508Dec 31, 2003
    risk 0.00cvss epss 0.02

    Buffer overflow in mIRC 6.12, when the DCC get dialog window has been minimized and the user opens the minimized window, allows remote attackers to cause a denial of service (crash) via a long filename.

  • CVE-2003-1393Dec 31, 2003
    risk 0.00cvss epss 0.03

    Buffer overflow in Gupta SQLBase 8.1.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long EXECUTE command.

  • CVE-2003-1382Dec 31, 2003
    risk 0.00cvss epss 0.03

    Buffer overflow in ISMail 1.4.3 and earlier allow remote attackers to execute arbitrary code via long domain names in (1) MAIL FROM or (2) RCPT TO fields.

  • CVE-2003-1377Dec 31, 2003
    risk 0.00cvss epss 0.03

    Buffer overflow in the reverse DNS lookup of Smart IRC Daemon (SIRCD) 0.4.0 and 0.4.4 allows remote attackers to execute arbitrary code via a client with a long hostname.

  • CVE-2003-1374Dec 31, 2003
    risk 0.00cvss epss 0.01

    Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options.

  • CVE-2003-1360Dec 31, 2003
    risk 0.00cvss epss 0.01

    Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 through 10.34 allows local users to execute arbitrary code via a long TERM environment variable.

  • CVE-2003-1415Dec 31, 2003
    risk 0.00cvss epss 0.01

    NetCharts XBRL Server 4.0.0 allows remote attackers to obtain sensitive information via an HTTP request with an invalid chunked transfer encoding specification.

  • CVE-2003-1429Dec 31, 2003
    risk 0.00cvss epss 0.03

    Buffer overflow in Proxomitron Naoko 4.4 allows remote attackers to execute arbitrary code via a long request.

  • CVE-2003-1446Dec 31, 2003
    risk 0.00cvss epss 0.01

    Buffer overflow in the save_into_file function in save.c for Rogue 5.2-2 allows local users to execute arbitrary code with games group privileges by setting a long HOME environment variable and invoking the save game function with a ~ (tilde).

  • CVE-2003-1451Dec 31, 2003
    risk 0.00cvss epss 0.03

    Buffer overflow in Symantec Norton AntiVirus 2002 allows remote attackers to execute arbitrary code via an e-mail attachment with a compressed ZIP file that contains a file with a long filename.

  • CVE-2003-1455Dec 31, 2003
    risk 0.00cvss epss 0.00

    Multiple buffer overflows in the launch_bcrelay function in pptpctrl.c in PoPToP 1.1.4-b1 through PoPToP 1.1.4-b3 allow local users to execute arbitrary code.

  • CVE-2003-1464Dec 31, 2003
    risk 0.00cvss epss 0.02

    Buffer overflow in Siemens 45 series mobile phones allows remote attackers to cause a denial of service (disconnect and unavailable inbox) via a Short Message Service (SMS) message with a long image name.

  • CVE-2003-1470Dec 31, 2003
    risk 0.00cvss epss 0.05

    Buffer overflow in IMAP service in MDaemon 6.7.5 and earlier allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a CREATE command with a long mailbox name.

  • CVE-2003-1477Dec 31, 2003
    risk 0.00cvss epss 0.02

    MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains "embedded objects."

  • CVE-2003-1494Dec 31, 2003
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (CPU consumption) via a crafted TCP packet.

  • CVE-2003-1496Dec 31, 2003
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840.

  • CVE-2003-1497Dec 31, 2003
    risk 0.00cvss epss 0.01

    Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 allows remote attackers to cause a denial of service via an HTTP request with a long Log_Page_Num variable.

  • CVE-2003-1503Dec 31, 2003
    risk 0.00cvss epss 0.05

    Buffer overflow in AOL Instant Messenger (AIM) 5.2.3292 allows remote attackers to execute arbitrary code via an aim:getfile URL with a long screen name.

  • CVE-2003-1395Dec 31, 2003
    risk 0.00cvss epss 0.04

    Buffer overflow in KaZaA Media Desktop 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a response to the ad server.