Cwe 119

🧬 CWE Related 90
slug: cwe-119

Explanation

CWE-119は「C/C++など低レベル言語で、配列の確保された範囲外にデータを読み書きしてしまう欠陥」のことです。 バッファオーバーフローやヒープオーバーフローと呼ばれる古典的な脆弱性で、攻撃者はこれを使って任意のコード実行を狙います。 ブラウザ・OS・ファームウェアなど低レベルなシステムで頻発します。
📌 Example
Heartbleed (CVE-2014-0160): OpenSSL の境界外読み取り脆弱性で、サーバーのメモリから秘密鍵やパスワードが盗み見えるようになった。世界中のWebサイトの約1/3が影響を受けた。

🔖 Related tags

🛡 Vulnerabilities tagged with this 2,461

ID Title
CVE-2016-7934 The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print().
CVE-2016-7935 The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print().
CVE-2016-7936 The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print().
CVE-2016-7937 The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print().
CVE-2016-7939 The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions.
CVE-2016-7940 The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions.
CVE-2016-7973 Buffer Overflow in c (CVE-2016-7973)
CVE-2016-7974 The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.
CVE-2016-7975 The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print().
CVE-2016-7983 The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
CVE-2016-7984 The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().
CVE-2016-7985 Buffer Overflow in c (CVE-2016-7985)
CVE-2016-7986 Buffer Overflow in c (CVE-2016-7986)
CVE-2016-7992 Buffer Overflow in c (CVE-2016-7992)
CVE-2016-7993 Buffer Overflow in c (CVE-2016-7993)
CVE-2016-8574 The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().
CVE-2016-9636 Buffer Overflow in c (CVE-2016-9636)
CVE-2016-9298 Buffer Overflow in c (CVE-2016-9298)
CVE-2016-9634 Buffer Overflow in c (CVE-2016-9634)
CVE-2016-9635 Buffer Overflow in c (CVE-2016-9635)
CVE-2016-8411 Buffer Overflow in c (CVE-2016-8411)
CVE-2016-9303 Buffer Overflow in autodesk (CVE-2016-9303)
CVE-2016-9304 Buffer Overflow in autodesk (CVE-2016-9304)
CVE-2016-9306 Buffer Overflow in autodesk (CVE-2016-9306)
CVE-2016-9307 Buffer Overflow in autodesk (CVE-2016-9307)
CVE-2017-2970 Buffer Overflow in adobe (CVE-2017-2970)
CVE-2017-2971 Buffer Overflow in adobe (CVE-2017-2971)
CVE-2017-2972 Buffer Overflow in adobe (CVE-2017-2972)
CVE-2017-5495 Buffer Overflow in quagga (CVE-2017-5495)
CVE-2016-6920 Buffer Overflow in c (CVE-2016-6920)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →