CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (10,979)
page 547 of 549| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2005-0351 | 0.00 | — | 0.00 | Apr 7, 2005 | Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable. | |||
| CVE-2005-0504 | 0.00 | — | 0.01 | Mar 14, 2005 | Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value. | |||
| CVE-2005-0177 | 0.00 | — | 0.02 | Mar 7, 2005 | nls_ascii.c in Linux before 2.6.8.1 uses an incorrect table size, which allows attackers to cause a denial of service (kernel crash) via a buffer overflow. | |||
| CVE-2004-1114 | 0.00 | — | 0.06 | Jan 10, 2005 | Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary code via a callto:// URL with a long non-existent username, a different vulnerability than CVE-2004-1777. | |||
| CVE-2004-1258 | 0.00 | — | 0.06 | Jan 10, 2005 | Buffer overflow in the put_words function in subs.c for abcm2ps 3.7.20 allows remote attackers to execute arbitrary code via crafted ABC files. | |||
| CVE-2004-2728 | 0.00 | — | 0.01 | Dec 31, 2004 | Buffer overflow in the FTP server of Hummingbird Connectivity 7.1 and 9.0 allows remote, authenticated users to cause a denial of service (application crash) via a long argument to the XCWD command. | |||
| CVE-2004-2541 | 0.00 | — | 0.02 | Dec 31, 2004 | Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long #include line that is later browsed by the target. | |||
| CVE-2004-2710 | 0.00 | — | 0.03 | Dec 31, 2004 | Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to (1) sending certain typing statuses or (2) setting the chat room status bar to the current… | |||
| CVE-2004-2709 | 0.00 | — | 0.02 | Dec 31, 2004 | Buffer overflow in the strip_html_tags method for Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors involving HTML tags. | |||
| CVE-2004-2712 | 0.00 | — | 0.01 | Dec 31, 2004 | Buffer overflow in Gyach Enhanced (Gyach-E) before 1.0.0-SneakPeek-3 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to "URL data." | |||
| CVE-2004-2711 | 0.00 | — | 0.02 | Dec 31, 2004 | Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "avatar retrieval." | |||
| CVE-2004-0220 | 0.00 | — | 0.05 | May 4, 2004 | isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert Request payload, which causes an integer underflow that is used in a malloc operation that is not properly handled, as demonstrated by the Striker… | |||
| CVE-2003-1382 | 0.00 | — | 0.03 | Dec 31, 2003 | Buffer overflow in ISMail 1.4.3 and earlier allow remote attackers to execute arbitrary code via long domain names in (1) MAIL FROM or (2) RCPT TO fields. | |||
| CVE-2003-1508 | 0.00 | — | 0.02 | Dec 31, 2003 | Buffer overflow in mIRC 6.12, when the DCC get dialog window has been minimized and the user opens the minimized window, allows remote attackers to cause a denial of service (crash) via a long filename. | |||
| CVE-2003-1503 | 0.00 | — | 0.05 | Dec 31, 2003 | Buffer overflow in AOL Instant Messenger (AIM) 5.2.3292 allows remote attackers to execute arbitrary code via an aim:getfile URL with a long screen name. | |||
| CVE-2003-1497 | 0.00 | — | 0.01 | Dec 31, 2003 | Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 allows remote attackers to cause a denial of service via an HTTP request with a long Log_Page_Num variable. | |||
| CVE-2003-1496 | 0.00 | — | 0.02 | Dec 31, 2003 | Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840. | |||
| CVE-2003-1494 | 0.00 | — | 0.03 | Dec 31, 2003 | Unspecified vulnerability in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (CPU consumption) via a crafted TCP packet. | |||
| CVE-2003-1557 | 0.00 | — | 0.05 | Dec 31, 2003 | Off-by-one buffer overflow in spamc of SpamAssassin 2.40 through 2.43, when using BSMTP mode ("-B"), allows remote attackers to execute arbitrary code via email containing headers with leading "." characters. | |||
| CVE-2003-1558 | 0.00 | — | 0.03 | Dec 31, 2003 | Buffer overflow in httpd.c of fnord 1.6 allows remote attackers to create a denial of service (crash) and possibly execute arbitrary code via a long CGI request passed to the do_cgi function. |
- CVE-2005-0351Apr 7, 2005risk 0.00cvss —epss 0.00
Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable.
- CVE-2005-0504Mar 14, 2005risk 0.00cvss —epss 0.01
Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value.
- CVE-2005-0177Mar 7, 2005risk 0.00cvss —epss 0.02
nls_ascii.c in Linux before 2.6.8.1 uses an incorrect table size, which allows attackers to cause a denial of service (kernel crash) via a buffer overflow.
- CVE-2004-1114Jan 10, 2005risk 0.00cvss —epss 0.06
Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary code via a callto:// URL with a long non-existent username, a different vulnerability than CVE-2004-1777.
- CVE-2004-1258Jan 10, 2005risk 0.00cvss —epss 0.06
Buffer overflow in the put_words function in subs.c for abcm2ps 3.7.20 allows remote attackers to execute arbitrary code via crafted ABC files.
- CVE-2004-2728Dec 31, 2004risk 0.00cvss —epss 0.01
Buffer overflow in the FTP server of Hummingbird Connectivity 7.1 and 9.0 allows remote, authenticated users to cause a denial of service (application crash) via a long argument to the XCWD command.
- CVE-2004-2541Dec 31, 2004risk 0.00cvss —epss 0.02
Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long #include line that is later browsed by the target.
- CVE-2004-2710Dec 31, 2004risk 0.00cvss —epss 0.03
Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to (1) sending certain typing statuses or (2) setting the chat room status bar to the current…
- CVE-2004-2709Dec 31, 2004risk 0.00cvss —epss 0.02
Buffer overflow in the strip_html_tags method for Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors involving HTML tags.
- CVE-2004-2712Dec 31, 2004risk 0.00cvss —epss 0.01
Buffer overflow in Gyach Enhanced (Gyach-E) before 1.0.0-SneakPeek-3 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to "URL data."
- CVE-2004-2711Dec 31, 2004risk 0.00cvss —epss 0.02
Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "avatar retrieval."
- CVE-2004-0220May 4, 2004risk 0.00cvss —epss 0.05
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert Request payload, which causes an integer underflow that is used in a malloc operation that is not properly handled, as demonstrated by the Striker…
- CVE-2003-1382Dec 31, 2003risk 0.00cvss —epss 0.03
Buffer overflow in ISMail 1.4.3 and earlier allow remote attackers to execute arbitrary code via long domain names in (1) MAIL FROM or (2) RCPT TO fields.
- CVE-2003-1508Dec 31, 2003risk 0.00cvss —epss 0.02
Buffer overflow in mIRC 6.12, when the DCC get dialog window has been minimized and the user opens the minimized window, allows remote attackers to cause a denial of service (crash) via a long filename.
- CVE-2003-1503Dec 31, 2003risk 0.00cvss —epss 0.05
Buffer overflow in AOL Instant Messenger (AIM) 5.2.3292 allows remote attackers to execute arbitrary code via an aim:getfile URL with a long screen name.
- CVE-2003-1497Dec 31, 2003risk 0.00cvss —epss 0.01
Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 allows remote attackers to cause a denial of service via an HTTP request with a long Log_Page_Num variable.
- CVE-2003-1496Dec 31, 2003risk 0.00cvss —epss 0.02
Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840.
- CVE-2003-1494Dec 31, 2003risk 0.00cvss —epss 0.03
Unspecified vulnerability in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (CPU consumption) via a crafted TCP packet.
- CVE-2003-1557Dec 31, 2003risk 0.00cvss —epss 0.05
Off-by-one buffer overflow in spamc of SpamAssassin 2.40 through 2.43, when using BSMTP mode ("-B"), allows remote attackers to execute arbitrary code via email containing headers with leading "." characters.
- CVE-2003-1558Dec 31, 2003risk 0.00cvss —epss 0.03
Buffer overflow in httpd.c of fnord 1.6 allows remote attackers to create a denial of service (crash) and possibly execute arbitrary code via a long CGI request passed to the do_cgi function.