CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
ClassStableLikelihood: High
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (9,859)
page 493 of 493| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2002-2257 | 0.00 | — | 0.05 | Dec 31, 2002 | Stack-based buffer overflow in the parse_field function in cgi_lib.c for LIBCGI 1.0.2 and 1.0.3 allows remote attackers to execute arbitrary code via a long argument. | ||
| CVE-2002-2366 | 0.00 | — | 0.04 | Dec 31, 2002 | Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a skin with a long colors file name in trillian.xml. | ||
| CVE-2002-2372 | 0.00 | — | 0.02 | Dec 31, 2002 | The telnet server in Infoprint 21 running controller software before 1.056007 allows remote attackers to cause a denial of service (crash) via a long username, possibly due to a buffer overflow. | ||
| CVE-2002-2381 | 0.00 | — | 0.04 | Dec 31, 2002 | Multiple buffer overflows in (1) tetrinet_inmessage, (2) speclist_add and (3) config-getthemeinfo of GTetrinet 0.4.3 and earlier allow remote attackers to casue a denial of service and possibly execute arbitrary code. | ||
| CVE-2002-2388 | 0.00 | — | 0.01 | Dec 31, 2002 | Buffer overflow in INweb POP3 mail server 2.01 allows remote attackers to cause a denial of service (crash) via a long HELO command. | ||
| CVE-2002-2396 | 0.00 | — | 0.00 | Dec 31, 2002 | Buffer overflow in Advanced TFTP (atftp) 0.5 and 0.6, if installed setuid or setgid, may allow local users to execute arbitrary code via a long argument to the -g option. | ||
| CVE-2002-2248 | 0.00 | — | 0.05 | Dec 31, 2002 | Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method. | ||
| CVE-2002-2259 | 0.00 | — | 0.00 | Dec 31, 2002 | Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors. | ||
| CVE-2002-2271 | 0.00 | — | 0.01 | Dec 31, 2002 | Buffer overflow in BigFun 1.51b IRC client, when the Direct Client Connection (DCC) option is used, allows remote attackers to cause a denial of service (crash) via a long string. | ||
| CVE-2002-2291 | 0.00 | — | 0.01 | Dec 31, 2002 | Calisto Internet Talker 0.04 and earlier allows remote attackers to cause a denial of service (hang) via a long request, possibly triggering a buffer overflow. | ||
| CVE-2002-2294 | 0.00 | — | 0.01 | Dec 31, 2002 | Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd). | ||
| CVE-2002-2332 | 0.00 | — | 0.01 | Dec 31, 2002 | Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. | ||
| CVE-2002-2333 | 0.00 | — | 0.01 | Dec 31, 2002 | Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. | ||
| CVE-2002-1365 | 0.00 | — | 0.05 | Dec 23, 2002 | Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses. | ||
| CVE-2002-1174 | 0.00 | — | 0.04 | Oct 11, 2002 | Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) long headers that are not properly processed by the readheaders function, or (2) via long Received: headers, which are not properly parsed by the parse_received function. | ||
| CVE-2001-0629 | 0.00 | — | 0.01 | Aug 14, 2001 | HP Event Correlation Service (ecsd) as included with OpenView Network Node Manager 6.1 allows a remote attacker to gain addition privileges via a buffer overflow attack in the '-restore_config' command line parameter. | ||
| CVE-2001-0153 | 0.00 | — | 0.03 | May 3, 2001 | Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands. | ||
| CVE-1999-0898 | 0.00 | — | 0.04 | Nov 4, 1999 | Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request. | ||
| CVE-1999-0332 | 0.00 | — | 0.04 | Dec 1, 1998 | Buffer overflow in NetMeeting allows denial of service and remote command execution. |