CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (10,979)
page 318 of 549| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2003-1407 | 0.03 | — | 0.03 | Dec 31, 2003 | Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command. | |||
| CVE-2003-1369 | 0.03 | — | 0.04 | Dec 31, 2003 | Buffer overflow in ByteCatcher FTP client 1.04b allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner. | |||
| CVE-2003-1375 | 0.03 | — | 0.02 | Dec 31, 2003 | Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument. | |||
| CVE-2003-1354 | 0.03 | — | 0.06 | Dec 31, 2003 | Multiple GameSpy 3D 2.62 compatible gaming servers generate very large UDP responses to small requests, which allows remote attackers to use the servers as an amplifier in DDoS attacks with spoofed UDP query packets, as demonstrated using Battlefield 1942. | |||
| CVE-2003-1368 | 0.03 | — | 0.04 | Dec 31, 2003 | Buffer overflow in the 32bit FTP client 9.49.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner. | |||
| CVE-2003-1355 | 0.03 | — | 0.04 | Dec 31, 2003 | Buffer overflow in the remote console (rcon) in Battlefield 1942 1.2 and 1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long user name and password. | |||
| CVE-2003-1431 | 0.03 | — | 0.05 | Dec 31, 2003 | Buffer overflow in Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (crash) via a long host string in the Unreal URL. | |||
| CVE-2003-1445 | 0.03 | — | 0.01 | Dec 31, 2003 | Stack-based buffer overflow in Far Manager 1.70beta1 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long pathname. | |||
| CVE-2003-1461 | 0.03 | — | 0.02 | Dec 31, 2003 | Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a long argument. NOTE: the vendor was unable to reproduce the problem on a system that had been patched for an lp vulnerability (CVE-2002-1473). | |||
| CVE-2003-1472 | 0.03 | — | 0.04 | Dec 31, 2003 | Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long banner. | |||
| CVE-2003-1473 | 0.03 | — | 0.01 | Dec 31, 2003 | Buffer overflow in LTris 1.0.1 of FreeBSD Ports Collection 2003-02-25 and earlier allows local users to execute arbitrary code with gid "games" permission via a long HOME environment variable. | |||
| CVE-2003-1478 | 0.03 | — | 0.04 | Dec 31, 2003 | Konqueror in KDE 3.0.3 allows remote attackers to cause a denial of service (core dump) via a web page that begins with a "xFFxFE" byte sequence and a large number of CRLF sequences, as demonstrated using freeze.htm. | |||
| CVE-2003-1512 | 0.03 | — | 0.02 | Dec 31, 2003 | Buffer overflow in mIRC 6.1 and 6.11 allows remote attackers to cause a denial of service (crash) via a long DCC SEND request. | |||
| CVE-2003-0662 | 0.03 | — | 0.34 | Nov 17, 2003 | Buffer overflow in Troubleshooter ActiveX Control (Tshoot.ocx) in Microsoft Windows 2000 SP4 and earlier allows remote attackers to execute arbitrary code via an HTML document with a long argument to the RunQuery2 method. | |||
| CVE-2002-2232 | 0.03 | — | 0.05 | Dec 31, 2002 | Buffer overflow in Enceladus Server Suite 3.9 allows remote attackers to execute arbitrary code via a long CD (CWD) command. | |||
| CVE-2002-2300 | — | 0.03 | — | 0.05 | Dec 31, 2002 | Buffer overflow in ftpd 5.4 in 3Com NBX 4.0.17 or ftpd 5.4.2 in 3Com NBX 4.1.4 allows remote attackers to cause a denial of service (crash) via a long CEL command. | ||
| CVE-2002-2258 | 0.03 | — | 0.03 | Dec 31, 2002 | Moby NetSuite allows remote attackers to cause a denial of service (crash) via an HTTP POST request with a (1) large integer or (2) non-numeric value in the Content-Length header, which causes an access violation after a failed atoi function call. | |||
| CVE-2002-2385 | 0.03 | — | 0.04 | Dec 31, 2002 | Buffer overflow in hotfoon4.exe in Hotfoon 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL containing a long voice phone number. | |||
| CVE-2002-2357 | 0.03 | — | 0.03 | Dec 31, 2002 | MailEnable 1.5 015 through 1.5 018 allows remote attackers to cause a denial of service (crash) via a long USER string, possibly due to a buffer overflow. | |||
| CVE-2002-2404 | 0.03 | — | 0.03 | Dec 31, 2002 | Buffer overflow in IISPop email server 1.161 and 1.181 allows remote attackers to cause a denial of service (crash) via a long request to the POP3 port (TCP port 110). |
- CVE-2003-1407Dec 31, 2003risk 0.03cvss —epss 0.03
Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command.
- CVE-2003-1369Dec 31, 2003risk 0.03cvss —epss 0.04
Buffer overflow in ByteCatcher FTP client 1.04b allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner.
- CVE-2003-1375Dec 31, 2003risk 0.03cvss —epss 0.02
Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument.
- CVE-2003-1354Dec 31, 2003risk 0.03cvss —epss 0.06
Multiple GameSpy 3D 2.62 compatible gaming servers generate very large UDP responses to small requests, which allows remote attackers to use the servers as an amplifier in DDoS attacks with spoofed UDP query packets, as demonstrated using Battlefield 1942.
- CVE-2003-1368Dec 31, 2003risk 0.03cvss —epss 0.04
Buffer overflow in the 32bit FTP client 9.49.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner.
- CVE-2003-1355Dec 31, 2003risk 0.03cvss —epss 0.04
Buffer overflow in the remote console (rcon) in Battlefield 1942 1.2 and 1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long user name and password.
- CVE-2003-1431Dec 31, 2003risk 0.03cvss —epss 0.05
Buffer overflow in Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (crash) via a long host string in the Unreal URL.
- CVE-2003-1445Dec 31, 2003risk 0.03cvss —epss 0.01
Stack-based buffer overflow in Far Manager 1.70beta1 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long pathname.
- CVE-2003-1461Dec 31, 2003risk 0.03cvss —epss 0.02
Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a long argument. NOTE: the vendor was unable to reproduce the problem on a system that had been patched for an lp vulnerability (CVE-2002-1473).
- CVE-2003-1472Dec 31, 2003risk 0.03cvss —epss 0.04
Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long banner.
- CVE-2003-1473Dec 31, 2003risk 0.03cvss —epss 0.01
Buffer overflow in LTris 1.0.1 of FreeBSD Ports Collection 2003-02-25 and earlier allows local users to execute arbitrary code with gid "games" permission via a long HOME environment variable.
- CVE-2003-1478Dec 31, 2003risk 0.03cvss —epss 0.04
Konqueror in KDE 3.0.3 allows remote attackers to cause a denial of service (core dump) via a web page that begins with a "xFFxFE" byte sequence and a large number of CRLF sequences, as demonstrated using freeze.htm.
- CVE-2003-1512Dec 31, 2003risk 0.03cvss —epss 0.02
Buffer overflow in mIRC 6.1 and 6.11 allows remote attackers to cause a denial of service (crash) via a long DCC SEND request.
- CVE-2003-0662Nov 17, 2003risk 0.03cvss —epss 0.34
Buffer overflow in Troubleshooter ActiveX Control (Tshoot.ocx) in Microsoft Windows 2000 SP4 and earlier allows remote attackers to execute arbitrary code via an HTML document with a long argument to the RunQuery2 method.
- CVE-2002-2232Dec 31, 2002risk 0.03cvss —epss 0.05
Buffer overflow in Enceladus Server Suite 3.9 allows remote attackers to execute arbitrary code via a long CD (CWD) command.
- CVE-2002-2300Dec 31, 2002risk 0.03cvss —epss 0.05
Buffer overflow in ftpd 5.4 in 3Com NBX 4.0.17 or ftpd 5.4.2 in 3Com NBX 4.1.4 allows remote attackers to cause a denial of service (crash) via a long CEL command.
- CVE-2002-2258Dec 31, 2002risk 0.03cvss —epss 0.03
Moby NetSuite allows remote attackers to cause a denial of service (crash) via an HTTP POST request with a (1) large integer or (2) non-numeric value in the Content-Length header, which causes an access violation after a failed atoi function call.
- CVE-2002-2385Dec 31, 2002risk 0.03cvss —epss 0.04
Buffer overflow in hotfoon4.exe in Hotfoon 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL containing a long voice phone number.
- CVE-2002-2357Dec 31, 2002risk 0.03cvss —epss 0.03
MailEnable 1.5 015 through 1.5 018 allows remote attackers to cause a denial of service (crash) via a long USER string, possibly due to a buffer overflow.
- CVE-2002-2404Dec 31, 2002risk 0.03cvss —epss 0.03
Buffer overflow in IISPop email server 1.161 and 1.181 allows remote attackers to cause a denial of service (crash) via a long request to the POP3 port (TCP port 110).