VYPR

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

BaseIncompleteLikelihood: High

Description

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-67 · CAPEC-8 · CAPEC-9 · CAPEC-92

CVEs mapped to this weakness (802)

page 1 of 41
  • CVE-2016-10174CriKEVJan 30, 2017
    risk 0.85cvss 9.8epss 0.83

    The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This buffer overflow can be exploited by an unauthenticated attacker to achieve remote code execution.

  • CVE-2018-6789CriKEVFeb 8, 2018
    risk 0.84cvss 9.8epss 0.82

    An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.

  • CVE-2017-7269CriKEVMar 27, 2017
    risk 0.80cvss 9.8epss 1.00

    Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as…

  • CVE-2017-6862CriKEVMay 26, 2017
    risk 0.79cvss 9.8epss 0.43

    NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261.

  • CVE-2016-6366HigKEVAug 18, 2016
    risk 0.79cvss 8.8epss 0.88

    Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted…

  • CVE-2016-0099HigKEVMar 9, 2016
    risk 0.75cvss 7.8epss 0.37

    The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 does not properly process request handles, which allows local users to gain…

  • CVE-2010-10016CriAug 30, 2025
    risk 0.73cvss epss 0.01

    BS.Player version 2.57 (build 1051) contains a vulnerability in its playlist import functionality. When processing .m3u files, the application fails to properly validate the length of playlist entries, resulting in a buffer overflow condition. This flaw occurs during parsing of…

  • CVE-2012-10035CriAug 5, 2025
    risk 0.73cvss epss 0.01

    Turbo FTP Server versions 1.30.823 and 1.30.826 contain a buffer overflow vulnerability in the handling of the PORT command. By sending a specially crafted payload, an unauthenticated remote attacker can overwrite memory structures and execute arbitrary code with SYSTEM…

  • CVE-2007-5659HigKEVFeb 12, 2008
    risk 0.73cvss 7.8epss 0.94

    Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655.

  • CVE-2006-2492HigKEVMay 20, 2006
    risk 0.73cvss 8.8epss 0.48

    Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object pointer, as originally reported by ISC on 20060519 for a…

  • CVE-2017-15222CriOct 24, 2017
    risk 0.72cvss 9.8epss 0.60

    Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code.

  • CVE-2010-1205CriJun 30, 2010
    risk 0.70cvss 9.8epss 0.43

    Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

  • CVE-2013-1331HigKEVJun 12, 2013
    risk 0.69cvss 7.8epss 0.82

    Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability."

  • CVE-2024-29671CriDec 16, 2024
    risk 0.68cvss 9.8epss 0.21

    Buffer Overflow vulnerability in NEXTU FLATA AX1500 Router v.1.0.2 allows a remote attacker to execute arbitrary code via the POST request handler component.

  • CVE-2010-2572HigKEVNov 10, 2010
    risk 0.68cvss 7.8epss 0.63

    Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint 95 document, aka "PowerPoint Parsing Buffer Overflow Vulnerability."

  • CVE-2026-32746CriMar 13, 2026
    risk 0.67cvss 9.8epss 0.24

    telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.

  • CVE-2018-1000517CriJun 26, 2018
    risk 0.66cvss 9.8epss 0.32

    BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability…

  • CVE-2017-16740CriJan 9, 2018
    risk 0.66cvss 10.0epss 0.07

    A Buffer Overflow issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution.

  • CVE-2004-0210HigKEVAug 6, 2004
    risk 0.66cvss 7.8epss 0.08

    The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow.

  • CVE-2026-4689CriMar 24, 2026
    risk 0.65cvss 10.0epss 0.01

    Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.