CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9
CVEs mapped to this weakness (11,748)
page 587 of 588| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2003-1514 | 0.00 | — | 0.02 | Dec 31, 2003 | eMule 0.29c allows remote attackers to cause a denial of service (crash) via a long password, possibly due to a buffer overflow. | |||
| CVE-2003-1557 | 0.00 | — | 0.05 | Dec 31, 2003 | Off-by-one buffer overflow in spamc of SpamAssassin 2.40 through 2.43, when using BSMTP mode ("-B"), allows remote attackers to execute arbitrary code via email containing headers with leading "." characters. | |||
| CVE-2003-1558 | 0.00 | — | 0.03 | Dec 31, 2003 | Buffer overflow in httpd.c of fnord 1.6 allows remote attackers to create a denial of service (crash) and possibly execute arbitrary code via a long CGI request passed to the do_cgi function. | |||
| CVE-2003-0373 | 0.00 | — | 0.00 | Jun 16, 2003 | Multiple buffer overflows in libnasl in Nessus before 2.0.6 allow local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code via (1) a long proto argument to the scanner_add_port function, (2) a long user argument to… | |||
| CVE-2003-0218 | 0.00 | — | 0.05 | May 12, 2003 | Buffer overflow in PostMethod() function for Monkey HTTP Daemon (monkeyd) 0.6.1 and earlier allows remote attackers to execute arbitrary code via a POST request with a large body. | |||
| CVE-2002-1401 | 0.00 | — | 0.02 | Jan 17, 2003 | Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and earlier allow attackers to cause a denial of service and possibly execute arbitrary code, possibly as a result of an integer overflow. | |||
| CVE-2002-2372 | 0.00 | — | 0.02 | Dec 31, 2002 | The telnet server in Infoprint 21 running controller software before 1.056007 allows remote attackers to cause a denial of service (crash) via a long username, possibly due to a buffer overflow. | |||
| CVE-2002-2390 | 0.00 | — | 0.06 | Dec 31, 2002 | Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request. | |||
| CVE-2002-2381 | 0.00 | — | 0.03 | Dec 31, 2002 | Multiple buffer overflows in (1) tetrinet_inmessage, (2) speclist_add and (3) config-getthemeinfo of GTetrinet 0.4.3 and earlier allow remote attackers to casue a denial of service and possibly execute arbitrary code. | |||
| CVE-2002-2388 | 0.00 | — | 0.01 | Dec 31, 2002 | Buffer overflow in INweb POP3 mail server 2.01 allows remote attackers to cause a denial of service (crash) via a long HELO command. | |||
| CVE-2002-2411 | 0.00 | — | 0.05 | Dec 31, 2002 | Buffer overflow in badmin.c in BannerWheel 1.0 allows remote attackers to execute arbitrary code via a long rcmd command. | |||
| CVE-2002-2396 | 0.00 | — | 0.00 | Dec 31, 2002 | Buffer overflow in Advanced TFTP (atftp) 0.5 and 0.6, if installed setuid or setgid, may allow local users to execute arbitrary code via a long argument to the -g option. | |||
| CVE-2002-2333 | 0.00 | — | 0.02 | Dec 31, 2002 | Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. | |||
| CVE-2002-2248 | 0.00 | — | 0.06 | Dec 31, 2002 | Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method. | |||
| CVE-2002-2271 | 0.00 | — | 0.01 | Dec 31, 2002 | Buffer overflow in BigFun 1.51b IRC client, when the Direct Client Connection (DCC) option is used, allows remote attackers to cause a denial of service (crash) via a long string. | |||
| CVE-2002-2259 | 0.00 | — | 0.00 | Dec 31, 2002 | Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors. | |||
| CVE-2002-2291 | 0.00 | — | 0.02 | Dec 31, 2002 | Calisto Internet Talker 0.04 and earlier allows remote attackers to cause a denial of service (hang) via a long request, possibly triggering a buffer overflow. | |||
| CVE-2002-2257 | 0.00 | — | 0.05 | Dec 31, 2002 | Stack-based buffer overflow in the parse_field function in cgi_lib.c for LIBCGI 1.0.2 and 1.0.3 allows remote attackers to execute arbitrary code via a long argument. | |||
| CVE-2002-2294 | 0.00 | — | 0.02 | Dec 31, 2002 | Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed… | |||
| CVE-2002-2332 | 0.00 | — | 0.02 | Dec 31, 2002 | Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. |
- CVE-2003-1514Dec 31, 2003risk 0.00cvss —epss 0.02
eMule 0.29c allows remote attackers to cause a denial of service (crash) via a long password, possibly due to a buffer overflow.
- CVE-2003-1557Dec 31, 2003risk 0.00cvss —epss 0.05
Off-by-one buffer overflow in spamc of SpamAssassin 2.40 through 2.43, when using BSMTP mode ("-B"), allows remote attackers to execute arbitrary code via email containing headers with leading "." characters.
- CVE-2003-1558Dec 31, 2003risk 0.00cvss —epss 0.03
Buffer overflow in httpd.c of fnord 1.6 allows remote attackers to create a denial of service (crash) and possibly execute arbitrary code via a long CGI request passed to the do_cgi function.
- CVE-2003-0373Jun 16, 2003risk 0.00cvss —epss 0.00
Multiple buffer overflows in libnasl in Nessus before 2.0.6 allow local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code via (1) a long proto argument to the scanner_add_port function, (2) a long user argument to…
- CVE-2003-0218May 12, 2003risk 0.00cvss —epss 0.05
Buffer overflow in PostMethod() function for Monkey HTTP Daemon (monkeyd) 0.6.1 and earlier allows remote attackers to execute arbitrary code via a POST request with a large body.
- CVE-2002-1401Jan 17, 2003risk 0.00cvss —epss 0.02
Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and earlier allow attackers to cause a denial of service and possibly execute arbitrary code, possibly as a result of an integer overflow.
- CVE-2002-2372Dec 31, 2002risk 0.00cvss —epss 0.02
The telnet server in Infoprint 21 running controller software before 1.056007 allows remote attackers to cause a denial of service (crash) via a long username, possibly due to a buffer overflow.
- CVE-2002-2390Dec 31, 2002risk 0.00cvss —epss 0.06
Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request.
- CVE-2002-2381Dec 31, 2002risk 0.00cvss —epss 0.03
Multiple buffer overflows in (1) tetrinet_inmessage, (2) speclist_add and (3) config-getthemeinfo of GTetrinet 0.4.3 and earlier allow remote attackers to casue a denial of service and possibly execute arbitrary code.
- CVE-2002-2388Dec 31, 2002risk 0.00cvss —epss 0.01
Buffer overflow in INweb POP3 mail server 2.01 allows remote attackers to cause a denial of service (crash) via a long HELO command.
- CVE-2002-2411Dec 31, 2002risk 0.00cvss —epss 0.05
Buffer overflow in badmin.c in BannerWheel 1.0 allows remote attackers to execute arbitrary code via a long rcmd command.
- CVE-2002-2396Dec 31, 2002risk 0.00cvss —epss 0.00
Buffer overflow in Advanced TFTP (atftp) 0.5 and 0.6, if installed setuid or setgid, may allow local users to execute arbitrary code via a long argument to the -g option.
- CVE-2002-2333Dec 31, 2002risk 0.00cvss —epss 0.02
Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes.
- CVE-2002-2248Dec 31, 2002risk 0.00cvss —epss 0.06
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method.
- CVE-2002-2271Dec 31, 2002risk 0.00cvss —epss 0.01
Buffer overflow in BigFun 1.51b IRC client, when the Direct Client Connection (DCC) option is used, allows remote attackers to cause a denial of service (crash) via a long string.
- CVE-2002-2259Dec 31, 2002risk 0.00cvss —epss 0.00
Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors.
- CVE-2002-2291Dec 31, 2002risk 0.00cvss —epss 0.02
Calisto Internet Talker 0.04 and earlier allows remote attackers to cause a denial of service (hang) via a long request, possibly triggering a buffer overflow.
- CVE-2002-2257Dec 31, 2002risk 0.00cvss —epss 0.05
Stack-based buffer overflow in the parse_field function in cgi_lib.c for LIBCGI 1.0.2 and 1.0.3 allows remote attackers to execute arbitrary code via a long argument.
- CVE-2002-2294Dec 31, 2002risk 0.00cvss —epss 0.02
Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed…
- CVE-2002-2332Dec 31, 2002risk 0.00cvss —epss 0.02
Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes.