CWE-20
Improper Input Validation
Description
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-10 · CAPEC-101 · CAPEC-104 · CAPEC-108 · CAPEC-109 · CAPEC-110 · CAPEC-120 · CAPEC-13 · CAPEC-135 · CAPEC-136 · CAPEC-14 · CAPEC-153 · CAPEC-182 · CAPEC-209 · CAPEC-22 · CAPEC-23 · CAPEC-230 · CAPEC-231 · CAPEC-24 · CAPEC-250 · CAPEC-261 · CAPEC-267 · CAPEC-28 · CAPEC-3 · CAPEC-31 · CAPEC-42 · CAPEC-43 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-473 · CAPEC-52 · CAPEC-53 · CAPEC-588 · CAPEC-63 · CAPEC-64 · CAPEC-664 · CAPEC-67 · CAPEC-7 · CAPEC-71 · CAPEC-72 · CAPEC-73 · CAPEC-78 · CAPEC-79 · CAPEC-8 · CAPEC-80 · CAPEC-81 · CAPEC-83 · CAPEC-85 · CAPEC-88 · CAPEC-9
CVEs mapped to this weakness (5,710)
page 164 of 286| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2004-1125 | 0.01 | — | 0.07 | Jan 10, 2005 | Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded. | ||
| CVE-2003-1487 | 0.01 | — | 0.08 | Dec 31, 2003 | Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, (2) Edit user profile, or (3) stats program. | ||
| CVE-2002-2393 | 0.01 | — | 0.07 | Dec 31, 2002 | Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections while validating user folder access rights, which allows remote attackers to cause a denial of service (no new connections) via a series of MKD commands. | ||
| CVE-2001-0509 | 0.01 | — | 0.13 | Sep 20, 2001 | Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs. | ||
| CVE-1999-0726 | 0.01 | — | 0.15 | Jun 30, 1999 | An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header. | ||
| CVE-2015-6426 | 0.00 | — | 0.00 | Dec 18, 2015 | Cisco Prime Network Services Controller 3.0 allows local users to bypass intended access restrictions and execute arbitrary commands via additional parameters to an unspecified command, aka Bug ID CSCus99427. | ||
| CVE-2015-8565 | 0.00 | — | 0.00 | Dec 16, 2015 | Directory traversal vulnerability in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.6 allows remote attackers to have unspecified impact via unknown vectors. | ||
| CVE-2015-8564 | 0.00 | — | 0.00 | Dec 16, 2015 | Directory traversal vulnerability in Joomla! 3.4.x before 3.4.6 allows remote attackers to have unspecified impact via directory traversal sequences in the XML install file in an extension package archive. | ||
| CVE-2015-8476 | 0.00 | — | 0.01 | Dec 16, 2015 | Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an (1) email address to the validateAddress function in class.phpmailer.php or (2) SMTP command to the sendCommand function in class.smtp.php, a different vulnerability than CVE-2012-0796. | ||
| CVE-2015-7216 | 0.00 | — | 0.01 | Dec 16, 2015 | The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the JasPer decoder, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG 2000 image. | ||
| CVE-2015-7211 | 0.00 | — | 0.01 | Dec 16, 2015 | Mozilla Firefox before 43.0 mishandles the # (number sign) character in a data: URI, which allows remote attackers to spoof web sites via unspecified vectors. | ||
| CVE-2015-6403 | 0.00 | — | 0.00 | Dec 15, 2015 | The TFTP implementation on Cisco Small Business SPA30x, SPA50x, SPA51x phones 7.5.7 improperly validates firmware-image file integrity, which allows local users to load a Trojan horse image by leveraging shell access, aka Bug ID CSCut67400. | ||
| CVE-2015-6790 | 0.00 | — | 0.01 | Dec 14, 2015 | The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp in the page serializer in Google Chrome before 47.0.2526.80 does not properly use HTML entities, which might allow remote attackers to inject arbitrary web script or HTML via a crafted document, as demonstrated by a double-quote character inside a single-quoted string. | ||
| CVE-2015-6410 | 0.00 | — | 0.00 | Dec 14, 2015 | The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications Manager mishandles edge-device identity validation, which allows remote attackers to bypass intended call-reception and call-setup restrictions by spoofing a user, aka Bug ID CSCuu97283. | ||
| CVE-2015-6407 | 0.00 | — | 0.00 | Dec 13, 2015 | Cisco Emergency Responder 10.5(3.10000.9) allows remote attackers to upload files to arbitrary locations via a crafted parameter, aka Bug ID CSCuv25501. | ||
| CVE-2015-6361 | 0.00 | — | 0.01 | Dec 13, 2015 | The administrative web interface on Cisco DPC3939 (XB3) devices with firmware 121109aCMCST allows remote authenticated users to execute arbitrary commands via unspecified fields, aka Bug ID CSCuw86170. | ||
| CVE-2015-7094 | 0.00 | — | 0.00 | Dec 11, 2015 | CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL. | ||
| CVE-2015-7093 | 0.00 | — | 0.00 | Dec 11, 2015 | Safari in Apple iOS before 9.2 allows remote attackers to spoof a URL in the user interface via a crafted web site. | ||
| CVE-2015-7079 | 0.00 | — | 0.01 | Dec 11, 2015 | dyld in Apple iOS before 9.2 and tvOS before 9.1 mishandles segment validation, which allows attackers to execute arbitrary code in a privileged context via a crafted app. | ||
| CVE-2015-7072 | 0.00 | — | 0.01 | Dec 11, 2015 | dyld in Apple iOS before 9.2, tvOS before 9.1, and watchOS before 2.1 mishandles segment validation, which allows attackers to execute arbitrary code in a privileged context via a crafted app. |
- CVE-2004-1125Jan 10, 2005risk 0.01cvss —epss 0.07
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.
- CVE-2003-1487Dec 31, 2003risk 0.01cvss —epss 0.08
Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, (2) Edit user profile, or (3) stats program.
- CVE-2002-2393Dec 31, 2002risk 0.01cvss —epss 0.07
Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections while validating user folder access rights, which allows remote attackers to cause a denial of service (no new connections) via a series of MKD commands.
- CVE-2001-0509Sep 20, 2001risk 0.01cvss —epss 0.13
Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs.
- CVE-1999-0726Jun 30, 1999risk 0.01cvss —epss 0.15
An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.
- CVE-2015-6426Dec 18, 2015risk 0.00cvss —epss 0.00
Cisco Prime Network Services Controller 3.0 allows local users to bypass intended access restrictions and execute arbitrary commands via additional parameters to an unspecified command, aka Bug ID CSCus99427.
- CVE-2015-8565Dec 16, 2015risk 0.00cvss —epss 0.00
Directory traversal vulnerability in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.6 allows remote attackers to have unspecified impact via unknown vectors.
- CVE-2015-8564Dec 16, 2015risk 0.00cvss —epss 0.00
Directory traversal vulnerability in Joomla! 3.4.x before 3.4.6 allows remote attackers to have unspecified impact via directory traversal sequences in the XML install file in an extension package archive.
- CVE-2015-8476Dec 16, 2015risk 0.00cvss —epss 0.01
Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an (1) email address to the validateAddress function in class.phpmailer.php or (2) SMTP command to the sendCommand function in class.smtp.php, a different vulnerability than CVE-2012-0796.
- CVE-2015-7216Dec 16, 2015risk 0.00cvss —epss 0.01
The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the JasPer decoder, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG 2000 image.
- CVE-2015-7211Dec 16, 2015risk 0.00cvss —epss 0.01
Mozilla Firefox before 43.0 mishandles the # (number sign) character in a data: URI, which allows remote attackers to spoof web sites via unspecified vectors.
- CVE-2015-6403Dec 15, 2015risk 0.00cvss —epss 0.00
The TFTP implementation on Cisco Small Business SPA30x, SPA50x, SPA51x phones 7.5.7 improperly validates firmware-image file integrity, which allows local users to load a Trojan horse image by leveraging shell access, aka Bug ID CSCut67400.
- CVE-2015-6790Dec 14, 2015risk 0.00cvss —epss 0.01
The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp in the page serializer in Google Chrome before 47.0.2526.80 does not properly use HTML entities, which might allow remote attackers to inject arbitrary web script or HTML via a crafted document, as demonstrated by a double-quote character inside a single-quoted string.
- CVE-2015-6410Dec 14, 2015risk 0.00cvss —epss 0.00
The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications Manager mishandles edge-device identity validation, which allows remote attackers to bypass intended call-reception and call-setup restrictions by spoofing a user, aka Bug ID CSCuu97283.
- CVE-2015-6407Dec 13, 2015risk 0.00cvss —epss 0.00
Cisco Emergency Responder 10.5(3.10000.9) allows remote attackers to upload files to arbitrary locations via a crafted parameter, aka Bug ID CSCuv25501.
- CVE-2015-6361Dec 13, 2015risk 0.00cvss —epss 0.01
The administrative web interface on Cisco DPC3939 (XB3) devices with firmware 121109aCMCST allows remote authenticated users to execute arbitrary commands via unspecified fields, aka Bug ID CSCuw86170.
- CVE-2015-7094Dec 11, 2015risk 0.00cvss —epss 0.00
CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL.
- CVE-2015-7093Dec 11, 2015risk 0.00cvss —epss 0.00
Safari in Apple iOS before 9.2 allows remote attackers to spoof a URL in the user interface via a crafted web site.
- CVE-2015-7079Dec 11, 2015risk 0.00cvss —epss 0.01
dyld in Apple iOS before 9.2 and tvOS before 9.1 mishandles segment validation, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
- CVE-2015-7072Dec 11, 2015risk 0.00cvss —epss 0.01
dyld in Apple iOS before 9.2, tvOS before 9.1, and watchOS before 2.1 mishandles segment validation, which allows attackers to execute arbitrary code in a privileged context via a crafted app.