CVE Daily
← All tags

Tag: Buffer Overflow

All CVEs associated with "Buffer Overflow". Page 135/160 • 19109 CVEs.

Subscribe CVEs: RSS for “Buffer Overflow”  ·  RSS (High+Critical only)

About “Buffer Overflow”

A curated feed of “Buffer Overflow”-related CVEs appears below. We currently track 19109 CVEs for this tag (all time). In the last 365 days, 2722 were published. Average CVSS is 7.9 (all time; 8.0 over 365d), and 78% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-121 - Stack-based Buffer Overflow, CWE-122 - Heap-based Buffer Overflow.

In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2006-11-30
High

CVE-2006-6173

Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes ins…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2006-6170

Buffer overflow in the tls_x509_name_oneline function in the mod_tls module, as used in ProFTPD 1.3.0a and earlier, and possibly other products, allows remote attackers to execute arbitrary code via…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-6172

Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly other…

CVSS: 7.5 CWE: N/A View on NVD
2006-11-29
Medium

CVE-2006-6169

Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C…

CVSS: 6.8 CWE: N/A View on NVD
2006-11-28
Low

CVE-2006-6146

Buffer overflow in the HPDF_Page_Circle function in hpdf_page_operator.c in Takeshi Kanno Haru Free PDF Library (libharu2, aka libharu) 2.0.7 and earlier allows context-dependent attackers to cause a…

CVSS: 2.6 CWE: N/A View on NVD
Medium

CVE-2006-6141

Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET or PUT request, which is not properly handled when the request is displayed in the title of the gau…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2006-6133

Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 (formerly Business Objects Crystal Repor…

CVSS: 7.6 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2006-6134

Heap-based buffer overflow in the WMCheckURLScheme function in WMVCORE.DLL in Microsoft Windows Media Player (WMP) 10.00.00.4036 on Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote atta…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2006-11-27
High

CVE-2006-6125

Heap-based buffer overflow in the wireless driver (WG311ND5.SYS) 2.3.1.10 for NetGear WG311v1 wireless adapter allows remote attackers to execute arbitrary code via an 802.11 management frame with a…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2006-11-26
High

CVE-2006-6122

Multiple buffer overflows in TIN before 1.8.2 have unspecified impact and attack vectors, a different vulnerability than CVE-2006-0804.

CVSS: 7.5 CWE: N/A View on NVD
2006-11-24
Critical

CVE-2006-6076

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to execute arbitrary code via certain RPC req…

CVSS: 10.0 CWE: N/A View on NVD
2006-11-22
High

CVE-2006-6063

Stack-based buffer overflow in Un4seen XMPlay 3.3.0.5 and earlier allows remote attackers to execute arbitrary code via a M3U file containing a long (1) FileName, and cause a crash via a long (2) Dis…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-6064

Multiple buffer overflows in the Message Parsing Interpreter (MPI) in Fuzzball MUCK before 6.07 allow remote attackers to execute arbitrary code via crafted messages.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2006-5868

Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.

CVSS: 9.3 CWE: N/A View on NVD
Critical

CVE-2006-6055

Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G132 wireless adapter allows remote attackers to execute arbitrary code via a 802.11 beacon request with a long Rates information…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2006-6059

Buffer overflow in MA521nd5.SYS driver 5.148.724.2003 for NetGear MA521 PCMCIA adapter allows remote attackers to execute arbitrary code via (1) beacon or (2) probe 802.11 frame responses with an lon…

CVSS: 10.0 CWE: N/A View on NVD
2006-11-21
Medium

CVE-2006-6015

Buffer overflow in the JavaScript implementation in Safari on Apple Mac OS X 10.4 allows remote attackers to cause a denial of service (application crash) via a long argument to the exec method of a…

CVSS: 5.0 CWE: N/A View on NVD
Critical

CVE-2006-6024

Multiple buffer overflows in Eudora Worldmail, possibly Worldmail 3 version 6.1.22.0, have unknown impact and attack vectors, as demonstrated by the (1) "Eudora WorldMail stack overflow" and (2) "Eud…

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2006-6026

Heap-based buffer overflow in Real Networks Helix Server and Helix Mobile Server before 11.1.3, and Helix DNA Server 11.0 and 11.1, allows remote attackers to cause a denial of service (application c…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2006-3890

Stack-based buffer overflow in the Sky Software FileView ActiveX control, as used in WinZip 10 before build 7245 and in certain other applications, allows remote attackers to execute arbitrary code v…

CVSS: 9.3 CWE: N/A View on NVD
2006-11-20
Medium

CVE-2006-5989

Off-by-one error in the der_get_oid function in mod_auth_kerb 5.0 allows remote attackers to cause a denial of service (crash) via a crafted Kerberos message that triggers a heap-based buffer overflo…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-5973

Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 use…

CVSS: 5.0 CWE: N/A View on NVD
2006-11-18
Critical

CVE-2006-5972

Stack-based buffer overflow in WG111v2.SYS in NetGear WG111v2 wireless adapter (USB) allows remote attackers to execute arbitrary code via a long 802.11 beacon request.

CVSS: 10.0 CWE: N/A View on NVD
2006-11-17
High

CVE-2006-5961

Buffer overflow in Mercury Mail Transport System 4.01b for Windows has unknown impact and attack vectors, as originally reported in a GLEG VulnDisco pack. NOTE: the provenance of this information is…

CVSS: 7.5 CWE: N/A View on NVD
2006-11-16
High

CVE-2006-5937

Multiple integer overflows in Grisoft AVG Anti-Virus before 7.1.407 allow remote attackers to execute arbitrary code via crafted (1) CAB or (2) RAR archives that trigger a heap-based buffer overflow.…

CVSS: 7.5 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
2006-11-14
High

CVE-2006-4688

Buffer overflow in Client Service for NetWare (CSNW) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via crafted messages, aka "Clie…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-3445

Integer overflow in the ReadWideString function in agentdpv.dll in Microsoft Agent on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code v…

CVSS: 7.5 CWE: CWE-189 View on NVD
Critical

CVE-2006-4691

Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service (wkssvc.dll) in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to execute arbitrary code via…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2006-4251

Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow remote attackers to execute arbitrary code via a malformed TCP DNS query that prevents Recursor from properly calculating the TCP DN…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-5882

Stack-based buffer overflow in the Broadcom BCMWL5.SYS wireless device driver 3.50.21.10, as used in Cisco Linksys WPC300N Wireless-N Notebook Adapter before 4.100.15.5 and other products, allows rem…

CVSS: 8.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2006-11-11
Medium

CVE-2006-5864

Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file wit…

CVSS: 5.1 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2006-11-10
High

CVE-2006-5821

Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitr…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-5850

Stack-based buffer overflow in Essentia Web Server 2.15 for Windows allows remote attackers to execute arbitrary code via a long URI, as demonstrated by a GET or HEAD request. NOTE: some of these de…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2006-5826

Buffer overflow in Texas Imperial Software WFTPD Pro Server 3.23.1.1 allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via crafted APPE comm…

CVSS: 5.8 CWE: N/A View on NVD
2006-11-09
Medium

CVE-2006-5824

Integer overflow in the ffs_rdextattr function in FreeBSD 6.1 allows local users to cause a denial of service (kernel panic) and trigger a heap-based buffer overflow via a crafted UFS filesystem, a d…

CVSS: 4.9 CWE: N/A View on NVD
2006-11-08
Critical

CVE-2006-5815

Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstr…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2006-5818

Multiple buffer overflows in tunekrnl in IBM Lotus Domino 6.x before 6.5.5 FP2 and 7.x before 7.0.2 allow local users to gain privileges and execute arbitrary code via unspecified vectors.

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2006-4810

Buffer overflow in the readline function in util/texindex.c, as used by the (1) texi2dvi and (2) texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a craft…

CVSS: 4.6 CWE: N/A View on NVD
2006-11-07
High

CVE-2006-5781

Stack-based buffer overflow in the handshake function in iodine 0.3.2 allows remote attackers to execute arbitrary code via a crafted DNS response.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-5780

Stack-based buffer overflow in nfsd.exe in XLink Omni-NFS Server 5.2 allows remote attackers to execute arbitrary code via a crafted TCP packet to port 2049 (nfsd), as demonstrated by vd_xlink.pm.

CVSS: 7.5 CWE: N/A View on NVD
Low

CVE-2006-4808

Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitra…

CVSS: 2.6 CWE: N/A View on NVD
Medium

CVE-2006-4809

Stack-based buffer overflow in loader_pnm.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitr…

CVSS: 5.1 CWE: N/A View on NVD
2006-11-06
Medium

CVE-2006-5466

Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ru_RU.UTF-8, might allow user-assisted attackers to ex…

CVSS: 5.4 CWE: N/A View on NVD
2006-11-04
High

CVE-2006-5710

The Airport driver for certain Orinoco based Airport cards in Darwin kernel 8.8.0 in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via an 802.1…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Low

CVE-2006-5724

Heap-based buffer overflow the "Answering Service" function in ICQ 2003b Build 3916 allows local users to cause a denial of service (application crash) via a long string in the "AwayMsg Presets" valu…

CVSS: 2.1 CWE: N/A View on NVD
High

CVE-2006-5465

Buffer overflow in PHP before 5.2.0 allows remote attackers to execute arbitrary code via crafted UTF-8 inputs to the (1) htmlentities or (2) htmlspecialchars functions.

CVSS: 7.5 CWE: N/A View on NVD
2006-11-01
Medium

CVE-2006-5646

Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remot…

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2006-10-28
Critical

CVE-2006-5601

Stack-based buffer overflow in the eap_do_notify function in eap.c in xsupplicant before 1.2.6, and possibly other versions, allows remote authenticated users to execute arbitrary code via unspecifie…

CVSS: 9.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2006-10-27
Medium

CVE-2006-5593

Buffer overflow in Desknet's (niokeru) before 5.0J R1.0 might allow remote authenticated users to execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2006-5556

Buffer overflow in the localtime_r function, and certain other functions, in libc in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long TZ environment v…

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2006-5557

Stack-based buffer overflow in the (1) swpackage and (2) swmodify commands in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long -S argument. NOTE: thi…

CVSS: 4.6 CWE: N/A View on NVD
Critical

CVE-2006-5567

Multiple heap-based buffer overflows in AOL Nullsoft WinAmp before 5.31 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) ultravox-max-msg header to the Ultravox protoc…

CVSS: 9.3 CWE: N/A View on NVD
High

CVE-2006-5571

Stack-based buffer overflow in /scripts/cruise/cws.exe in CruiseWorks 1.09c and 1.09d allows remote attackers to execute arbitrary code via a long string in the doc parameter.

CVSS: 7.5 CWE: N/A View on NVD
2006-10-26
High

CVE-2006-5551

Stack-based buffer overflow in QK SMTP 3.01 and earlier might allow remote attackers to execute arbitrary code via a long argument to the RCPT TO command.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-5552

Multiple heap-based buffer overflows in RevilloC MailServer 1.21 and earlier allow remote attackers to cause a denial of service (CPU consumption or application crash) or execute arbitrary code via a…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2006-10-25
High

CVE-2006-5501

Buffer overflow in the AOL.PicDownloadCtrl.1 ActiveX control (YGPPicDownload.dll) 9.2.3.0 in America Online (AOL) 9.0 Security Edition allows remote attackers to execute arbitrary code via the downlo…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-5502

Heap-based buffer overflow in the AOL.PicDownloadCtrl.1 ActiveX control (YGPPicDownload.dll) 9.2.3.0 in America Online (AOL) 9.0 Security Edition allows remote attackers to execute arbitrary code via…

CVSS: 7.5 CWE: N/A View on NVD
2006-10-24
High

CVE-2006-4177

Heap-based buffer overflow in the NCP engine in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted NCP over IP packet that causes NCP to read more dat…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-5478

Multiple stack-based buffer overflows in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8, and Novell NetMail before 3.52e FTF2, allow remote attackers to execute arbitrary code via (…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2006-10-23
High

CVE-2006-5444

Integer overflow in the get_input function in the Skinny channel driver (chan_skinny.c) in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-5448

The drmstor.dll ActiveX object in Microsoft Windows Digital Rights Management System (DRM) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2006-5452

Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2006-5456

Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that…

CVSS: 5.1 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2006-10-20
Medium

CVE-2006-5424

Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a modified document, possibly because of a buffer…

CVSS: 5.1 CWE: CWE-399 View on NVD
2006-10-19
Medium

CVE-2006-5403

Stack-based buffer overflow in an ActiveX control used in Symantec Automated Support Assistant, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, allows user-assisted re…

CVSS: 5.1 CWE: N/A View on NVD
2006-10-18
High

CVE-2006-5395

Buffer overflow in Microsoft Class Package Export Tool (aka clspack.exe) allows context-dependent attackers to execute arbitrary code via a long string. NOTE: the provenance of this information is u…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-5334

Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and remote authenticated attack vectors related to mdsys.md2, aka Vuln# DB03…

CVSS: 7.1 CWE: N/A View on NVD
Critical

CVE-2006-5344

Multiple unspecified vulnerabilities in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 have unknown impact and remote authenticated attack vectors related to (1)…

CVSS: 9.0 CWE: N/A View on NVD
2006-10-17
Medium

CVE-2006-4819

Heap-based buffer overflow in Opera 9.0 and 9.01 allows remote attackers to execute arbitrary code via a long URL in a tag (long link address).

CVSS: 5.1 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2006-10-16
High

CVE-2006-4182

Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions before 0.88.5, allows remote attackers to cause a denial of service (scanning service crash) and execute arbitrary code via a crafted…

CVSS: 7.5 CWE: N/A View on NVD
2006-10-10
High

CVE-2006-3887

Buffer overflow in AOL You've Got Pictures (YGP) Screensaver ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-3888

Buffer overflow in AOL You've Got Pictures (YGP) Pic Downloader YGPPDownload ActiveX control (AOL.PicDownloadCtrl.1, YGPPicDownload.dll), as used in America Online 9.0 Security Edition, allows remote…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-4686

Buffer overflow in the Extensible Stylesheet Language Transformations (XSLT) processing in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 allows remote attackers to execute arbitrary…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-4980

Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide cha…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-5142

Stack-based buffer overflow in CA BrightStor ARCserve Backup R11.5 client and server allows remote attackers to execute arbitrary code via long messages to the CheyenneDS Mailslot.

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2006-5143

Multiple buffer overflows in CA BrightStor ARCserve Backup r11.5 SP1 and earlier, r11.1, and 9.01; BrightStor ARCserve Backup for Windows r11; BrightStor Enterprise Backup 10.5; Server Protection Sui…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2006-5176

Buffer overflow in NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to execute arbitrary code via "the signature field of NTLM Type 1 messages".

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2006-5216

Stack-based buffer overflow in Sergey Lyubka Simple HTTPD (shttpd) 1.34 allows remote attackers to execute arbitrary code via a long URI.

CVSS: 7.5 CWE: N/A View on NVD
2006-10-05
Critical

CVE-2006-5156

Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2006-5159

Stack-based buffer overflow in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving JavaScript. NOTE: the vendor and original researchers have released…

CVSS: 7.5 CWE: N/A View on NVD
2006-10-03
High

CVE-2006-5112

Buffer overflow in InterVations NaviCOPA Web Server 2.01 allows remote attackers to execute arbitrary code via a long HTTP GET request.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-5133

Buffer overflow in GuildFTPd 0.999.13 allows remote attackers to have an unknown impact, possibly code execution related to input containing "globbing chars."

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2006-4391

Buffer overflow in Apple ImageIO on Apple Mac OS X 10.4 through 10.4.7 allows remote attackers to execute arbitrary code via a malformed JPEG2000 image.

CVSS: 5.1 CWE: N/A View on NVD
2006-09-28
Critical

CVE-2006-3738

Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2006-5058

Buffer overflow in (1) Call of Duty 1.5b and earlier, (2) Call of Duty United Offensive 1.51b and earlier, and (3) Call of Duty 2 1.3 and earlier allows remote attackers to execute arbitrary code via…

CVSS: 7.5 CWE: N/A View on NVD
2006-09-27
High

CVE-2006-5006

Buffer overflow in cfgmgr in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long directory path argument.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2006-5009

Unspecified vulnerability in xlock in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands and overwrite arbitrary files via unspecified vectors, possibly involving a buffer overf…

CVSS: 7.2 CWE: N/A View on NVD
2006-09-26
Medium

CVE-2006-5000

Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (…

CVSS: 6.5 CWE: N/A View on NVD
2006-09-25
High

CVE-2006-4974

Buffer overflow in Ipswitch WS_FTP Limited Edition (LE) 5.08 allows remote FTP servers to execute arbitrary code via a long response to a PASV command.

CVSS: 7.5 CWE: N/A View on NVD
2006-09-23
High

CVE-2006-4948

Stack-based buffer overflow in tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a long file name. NOTE…

CVSS: 7.5 CWE: N/A View on NVD
2006-09-21
High

CVE-2006-3507

Multiple stack-based buffer overflows in the AirPort wireless driver on Apple Mac OS X 10.3.9 and 10.4.7 allow physically proximate attackers to execute arbitrary code by injecting crafted frames int…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2006-3508

Heap-based buffer overflow in the AirPort wireless driver on Apple Mac OS X 10.4.7 allows physically proximate attackers to cause a denial of service (crash), gain privileges, and execute arbitrary c…

CVSS: 7.2 CWE: N/A View on NVD
2006-09-20
Medium

CVE-2006-4438

Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux 4.33, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LHA archive with an extended header tha…

CVSS: 6.4 CWE: N/A View on NVD
2006-09-19
High

CVE-2006-4337

Buffer overflow in the make_table function in the LHZ component in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted decoding table in a GZIP archive.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2006-4866

Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument.

CVSS: 4.6 CWE: N/A View on NVD
Critical

CVE-2006-4868

Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote att…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2006-4847

Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.

CVSS: 6.5 CWE: N/A View on NVD
2006-09-15
High

CVE-2006-4832

Buffer overflow in the telnet service in Verso NetPerformer FRAD ACT SDM-95xx 7.xx (R1) and earlier, SDM-93xx 10.x.x (R2) and earlier, and SDM-92xx 9.x.x (R1) and earlier allows remote attackers to c…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2006-4565

Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) and possibly execute…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2006-09-14
High

CVE-2006-4800

Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1)…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-4799

Buffer overflow in ffmpeg for xine-lib before 1.1.2 might allow context-dependent attackers to execute arbitrary code via a crafted AVI file and "bad indexes", a different vulnerability than CVE-2005…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-4781

Heap-based buffer overflow in FutureSoft TFTP Server Multithreaded (MT) 1.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code by sending a crafted packet…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2006-4789

Buffer overflow in Open Movie Editor 0.0.20060901 allows local users to cause a denial of service (system crash) or execute arbitrary code via a long project name in an open_movie_editor_project XML…

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2006-4776

Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to execute arbitrary code via a long VLAN name in a VTP type 2 summary advertiseme…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2006-4777

Heap-based buffer overflow in the DirectAnimation Path Control (DirectAnimation.PathControl) COM object (daxctle.ocx) for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distribution…

CVSS: 7.6 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2006-09-13
High

CVE-2006-3739

Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character…

CVSS: 7.2 CWE: N/A View on NVD
2006-09-12
Critical

CVE-2006-0001

Stack-based buffer overflow in Microsoft Publisher 2000 through 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted PUB file, which causes an overflow when parsing font…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2006-3311

Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically c…

CVSS: 5.1 CWE: N/A View on NVD
High

CVE-2006-3873

Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1, with versions the MS06-042 patch before 20060912, allows remote attackers to cause a denial o…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2006-4382

Multiple buffer overflows in Apple QuickTime before 7.1.3 allow user-assisted remote attackers to execute arbitrary code via a crafted QuickTime movie.

CVSS: 5.1 CWE: N/A View on NVD
Medium

CVE-2006-4384

Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via the COLOR_64 chunk in a FLIC (FLC) movie.

CVSS: 5.1 CWE: N/A View on NVD
Medium

CVE-2006-4385

Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted SGI image.

CVSS: 5.1 CWE: N/A View on NVD
2006-09-09
Medium

CVE-2006-4655

Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privil…

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2006-4662

Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message…

CVSS: 7.5 CWE: N/A View on NVD
2006-09-08
Medium

CVE-2006-2482

Heap-based buffer overflow in the TZipTV component in (1) ZipTV for Delphi 7 2006.1.26 and for C++ Builder 2006-1.16, (2) PentaZip 8.5.1.190 and PentaSuite-PRO 8.5.1.221, and possibly other products,…

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2006-4379

Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary cod…

CVSS: 7.5 CWE: N/A View on NVD
2006-09-07
High

CVE-2006-4626

Heap-based buffer overflow in alwil avast! Anti-virus Engine before 4.7.869 allows remote attackers to execute arbitrary code via a crafted LHA file that contains extended headers with file and direc…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-4611

Buffer overflow in the _tor_resolve function in dsocks.c in dsocks before 1.4 allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long node name.

CVSS: 7.5 CWE: N/A View on NVD
2006-09-06
Medium

CVE-2006-4554

Stack-based buffer overflow in the ReadFile function in the ZOO-processing exports in the BeCubed Compression Plus before 5.0.1.28, as used in products including (1) Tumbleweed EMF, (2) VCOM/Ontrack…

CVSS: 5.1 CWE: N/A View on NVD
High

CVE-2006-4555

Buffer overflow in the Retro64 / Miniclip CR64Loader ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors involving an HTML document that references the CLSID of…

CVSS: 7.5 CWE: N/A View on NVD