CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Description
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-100 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-67 · CAPEC-8 · CAPEC-9 · CAPEC-92
CVEs mapped to this weakness (802)
page 39 of 41| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-6075 | 0.00 | — | 0.05 | Feb 13, 2013 | Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code… | |||
| CVE-2013-0760 | 0.00 | — | 0.05 | Jan 13, 2013 | Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document. | |||
| CVE-2011-3033 | 0.00 | — | 0.02 | Mar 5, 2012 | Buffer overflow in Skia, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2011-3959 | 0.00 | — | 0.01 | Feb 9, 2012 | Buffer overflow in the locale implementation in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2011-3915 | 0.00 | — | 0.01 | Dec 13, 2011 | Buffer overflow in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF fonts. | |||
| CVE-2011-3896 | 0.00 | — | 0.01 | Nov 11, 2011 | Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to shader variable mapping. | |||
| CVE-2011-2700 | 0.00 | — | 0.01 | Sep 6, 2011 | Multiple buffer overflows in the si4713_write_econtrol_string function in drivers/media/radio/si4713-i2c.c in the Linux kernel before 2.6.39.4 on the N900 platform might allow local users to cause a denial of service or have unspecified other impact via a crafted s_ext_ctrls… | |||
| CVE-2011-2788 | 0.00 | — | 0.01 | Aug 3, 2011 | Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors. | |||
| CVE-2011-0213 | 0.00 | — | 0.03 | Jun 24, 2011 | Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG file. | |||
| CVE-2011-1291 | 0.00 | — | 0.02 | Mar 25, 2011 | Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "buffer error." | |||
| CVE-2011-1010 | 0.00 | — | 0.01 | Mar 1, 2011 | Buffer overflow in the mac_partition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via a malformed Mac OS partition table. | |||
| CVE-2011-0712 | 0.00 | — | 0.00 | Feb 18, 2011 | Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kernel before 2.6.38-rc4-next-20110215 might allow attackers to cause a denial of service or possibly have unspecified other impact via a long USB device name, related to (1) the… | |||
| CVE-2010-3441 | 0.00 | — | 0.06 | Feb 18, 2011 | Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote attackers to execute arbitrary code via (1) a crafted input file, related to the PUT0 and PUT1 output macros; (2) a crafted input file, related to the trim_title function; and possibly (3) a long -O option on… | |||
| CVE-2011-0481 | 0.00 | — | 0.02 | Jan 14, 2011 | Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF shading. | |||
| CVE-2011-0480 | 0.00 | — | 0.02 | Jan 14, 2011 | Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified… | |||
| CVE-2010-4527 | 0.00 | — | 0.00 | Jan 13, 2011 | The load_mixer_volumes function in sound/oss/soundcard.c in the OSS sound subsystem in the Linux kernel before 2.6.37 incorrectly expects that a certain name field ends with a '\0' character, which allows local users to conduct buffer overflow attacks and gain privileges, or… | |||
| CVE-2010-2808 | 0.00 | — | 0.05 | Aug 19, 2010 | Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN)… | |||
| CVE-2010-2541 | 0.00 | — | 0.05 | Aug 19, 2010 | Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | |||
| CVE-2010-2527 | 0.00 | — | 0.06 | Aug 19, 2010 | Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | |||
| CVE-2010-2499 | 0.00 | — | 0.06 | Aug 19, 2010 | Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LaserWriter PS font file with an embedded PFB fragment. |
- CVE-2012-6075Feb 13, 2013risk 0.00cvss —epss 0.05
Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code…
- CVE-2013-0760Jan 13, 2013risk 0.00cvss —epss 0.05
Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.
- CVE-2011-3033Mar 5, 2012risk 0.00cvss —epss 0.02
Buffer overflow in Skia, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-3959Feb 9, 2012risk 0.00cvss —epss 0.01
Buffer overflow in the locale implementation in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-3915Dec 13, 2011risk 0.00cvss —epss 0.01
Buffer overflow in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF fonts.
- CVE-2011-3896Nov 11, 2011risk 0.00cvss —epss 0.01
Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to shader variable mapping.
- CVE-2011-2700Sep 6, 2011risk 0.00cvss —epss 0.01
Multiple buffer overflows in the si4713_write_econtrol_string function in drivers/media/radio/si4713-i2c.c in the Linux kernel before 2.6.39.4 on the N900 platform might allow local users to cause a denial of service or have unspecified other impact via a crafted s_ext_ctrls…
- CVE-2011-2788Aug 3, 2011risk 0.00cvss —epss 0.01
Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors.
- CVE-2011-0213Jun 24, 2011risk 0.00cvss —epss 0.03
Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG file.
- CVE-2011-1291Mar 25, 2011risk 0.00cvss —epss 0.02
Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "buffer error."
- CVE-2011-1010Mar 1, 2011risk 0.00cvss —epss 0.01
Buffer overflow in the mac_partition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via a malformed Mac OS partition table.
- CVE-2011-0712Feb 18, 2011risk 0.00cvss —epss 0.00
Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kernel before 2.6.38-rc4-next-20110215 might allow attackers to cause a denial of service or possibly have unspecified other impact via a long USB device name, related to (1) the…
- CVE-2010-3441Feb 18, 2011risk 0.00cvss —epss 0.06
Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote attackers to execute arbitrary code via (1) a crafted input file, related to the PUT0 and PUT1 output macros; (2) a crafted input file, related to the trim_title function; and possibly (3) a long -O option on…
- CVE-2011-0481Jan 14, 2011risk 0.00cvss —epss 0.02
Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF shading.
- CVE-2011-0480Jan 14, 2011risk 0.00cvss —epss 0.02
Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified…
- CVE-2010-4527Jan 13, 2011risk 0.00cvss —epss 0.00
The load_mixer_volumes function in sound/oss/soundcard.c in the OSS sound subsystem in the Linux kernel before 2.6.37 incorrectly expects that a certain name field ends with a '\0' character, which allows local users to conduct buffer overflow attacks and gain privileges, or…
- CVE-2010-2808Aug 19, 2010risk 0.00cvss —epss 0.05
Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN)…
- CVE-2010-2541Aug 19, 2010risk 0.00cvss —epss 0.05
Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
- CVE-2010-2527Aug 19, 2010risk 0.00cvss —epss 0.06
Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
- CVE-2010-2499Aug 19, 2010risk 0.00cvss —epss 0.06
Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LaserWriter PS font file with an embedded PFB fragment.