CVE Daily
← All tags

Tag: Buffer Overflow

All CVEs associated with "Buffer Overflow". Page 141/160 • 19109 CVEs.

Subscribe CVEs: RSS for “Buffer Overflow”  ·  RSS (High+Critical only)

About “Buffer Overflow”

A curated feed of “Buffer Overflow”-related CVEs appears below. We currently track 19109 CVEs for this tag (all time). In the last 365 days, 2723 were published. Average CVSS is 7.9 (all time; 8.0 over 365d), and 78% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-121 - Stack-based Buffer Overflow, CWE-122 - Heap-based Buffer Overflow.

In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2005-08-05
Medium

CVE-2005-2472

Multiple buffer overflows in BusinessMail 4.60.00 allow remote attackers to cause a denial of service (application crash) via a long string to SMTP (1) HELO or (2) MAIL FROM commands.

CVSS: 5.0 CWE: N/A View on NVD
2005-08-03
High

CVE-2005-2346

Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers to execute arbitrary code via a GWVW02xx.INI language file with a long entry, as demonstrated using a long ES02TKS.VEW value in…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2005-2425

Stack-based buffer overflow in Ares FileShare 1.1 allows remote attackers or local users to execute arbitrary code via a (1) long history parameter in the configuration file (ares.conf) or (2) long s…

CVSS: 10.0 CWE: N/A View on NVD
2005-08-02
High

CVE-2005-2079

Heap-based buffer overflow in the Admin Plus Pack Option for VERITAS Backup Exec 9.0 through 10.0 for Windows Servers allows remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2005-07-27
Medium

CVE-2005-2335

Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows remote POP3 servers to cause a denial of service and possibly execute arbitrary code via long UIDL responses. NOTE: a typo in an…

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2005-2385

Buffer overflow in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to execute arbitr…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2387

Multiple stack-based buffer overflows in GoodTech SMTP server 5.16 allow remote attackers to execute arbitrary code via (1) a RCPT TO command with a long DNS name, or (2) a large number of RCPT TO co…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2388

Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code.

CVSS: 7.2 CWE: N/A View on NVD
2005-07-26
High

CVE-2005-2373

Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated users to execute arbitrary code via a long directory name to (1) LIST, (2) DELE or (3) RNFR commands.

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2005-2376

Buffer overflow in Race Driver 1.20 and earlier allows remote attackers to cause a denial of service (application crash) via a long (1) nickname or (2) chat message.

CVSS: 5.0 CWE: N/A View on NVD
2005-07-19
Medium

CVE-2005-2297

Stack-based buffer overflow in TreeAction.do in Sybase EAServer 4.2.5 through 5.2 allows remote authenticated users to execute arbitrary code via a large javascript parameter.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2005-2305

DG Remote Control Server 1.6.2 allows remote attackers to cause a denial of service (crash or CPU consumption) and possibly execute arbitrary code via a long message to TCP port 1071 or 1073, possibl…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2005-2310

Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions before 5.094, allows remote attackers to execute arbitrary code via an MP3 file with a long ID3v2 tag such as (1) ARTIST or (2) TIT…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2005-07-18
High

CVE-2005-1175

Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execut…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2278

Stack-based buffer overflow in the IMAP daemon (imapd) in MailEnable Professional 1.54 allows remote authenticated users to execute arbitrary code via the status command with a long mailbox name.

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2005-2287

SoftiaCom wMailServer 1.0 and 2.0 allows remote attackers to cause a denial of service (application crash) via a large TCP packet with a leading space, possibly triggering a buffer overflow.

CVSS: 5.0 CWE: N/A View on NVD
2005-07-13
High

CVE-2005-2250

Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary code via a long filename in an OBEX file share.

CVSS: 7.5 CWE: N/A View on NVD
2005-07-12
High

CVE-2005-0564

Stack-based buffer overflow in Microsoft Word 2000 and Word 2002, and Microsoft Works Suites 2000 through 2004, might allow remote attackers to execute arbitrary code via a .doc file with long font i…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1219

Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-2232

Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow local users to execute arbitrary code via a long command line argument.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2005-2233

Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments to (1) penable or other hard-linked files includ…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2005-2234

Buffer overflow in the getlvname command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2005-2235

Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2005-2244

The aupair service (aupair.exe) in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 allows remote attackers to execute arbitrary code o…

CVSS: 5.0 CWE: N/A View on NVD
2005-07-11
Low

CVE-2005-1768

Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and poss…

CVSS: 3.7 CWE: N/A View on NVD
High

CVE-2005-2210

Stack-based buffer overflow in Internet Download Manager 4.05 allows remote attackers to execute arbitrary code via a long URL.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2213

Buffer overflow in the mms_interp_header function in mms.c in MMS Ripper before 0.6.4 might allow remote attackers to execute arbitrary code via a file with more than 20 streams.

CVSS: 7.5 CWE: N/A View on NVD
2005-07-06
High

CVE-2005-2096

zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to…

CVSS: 7.5 CWE: N/A View on NVD
2005-07-05
Medium

CVE-2005-1625

Stack-based buffer overflow in the UnixAppOpenFilePerform function in Adobe Reader 5.0.9 and 5.0.10 for Unix allows remote attackers to execute arbitrary code via a PDF document with a long /Filespec…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2005-2081

Stack-based buffer overflow in the function that parses commands in Asterisk 1.0.7, when the 'write = command' option is enabled, allows remote attackers to execute arbitrary code via a command that…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2005-2085

Buffer overflow in Inframail Advantage Server Edition 6.0 through 6.7 allows remote attackers to cause a denial of service (process crash) via a long (1) SMTP FROM field or possibly (2) FTP NLST comm…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2005-2141

TCP Chat 1.0 allows remote attackers to cause a denial of service (crash) via a long string to the chat service, possibly triggering a buffer overflow.

CVSS: 5.0 CWE: N/A View on NVD
2005-06-28
Medium

CVE-2005-1766

Heap-based buffer overflow in rtffplin.cpp in RealPlayer 10.5 6.0.12.1056 on Windows, and 10, 10.0.1.436, and other versions before 10.0.5 on Linux, allows remote attackers to execute arbitrary code…

CVSS: 5.1 CWE: N/A View on NVD
High

CVE-2005-2051

Buffer overflow in the VERITAS Backup Exec Web Administration Console (BEWAC) 9.0 4367 through 10.0 rev. 5484 allows remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-2052

Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6.0.12.1040 through 1069), RealOne Player v1 and v2, RealPlayer 8 and RealPlayer Enterprise allows remote attackers to execute arb…

CVSS: 5.1 CWE: N/A View on NVD
2005-06-20
Medium

CVE-2005-2040

Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0.6.5 may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2005-0468 and CV…

CVSS: 5.0 CWE: N/A View on NVD
2005-06-18
High

CVE-2005-0773

Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for Netware allows remote attackers to execute arbitrary code via a CONNECT_…

CVSS: 7.5 CWE: N/A View on NVD
2005-06-16
High

CVE-2005-1721

Buffer overflow in the legacy client support for AFP Server for Mac OS X 10.4.1 allows attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2005-06-15
Medium

CVE-2005-2041

Buffer overflow in addschup in HAURI ViRobot 2.0, and possibly other products, allows remote attackers to execute arbitrary code via a long ViRobot_ID cookie (HTTP_COOKIE).

CVSS: 5.0 CWE: N/A View on NVD
2005-06-14
High

CVE-2005-1206

Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vecto…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1207

Buffer overflow in the Web Client service in Microsoft Windows XP and Windows Server 2003 allows remote authenticated users to execute arbitrary code via a crafted WebDAV request containing special p…

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2005-1208

Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a la…

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2005-1211

Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file.

CVSS: 5.1 CWE: N/A View on NVD
High

CVE-2005-1212

Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1213

Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a…

CVSS: 7.5 CWE: N/A View on NVD
2005-06-13
High

CVE-2005-1935

Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to…

CVSS: 7.5 CWE: N/A View on NVD
2005-06-11
High

CVE-2005-1953

Heap-based buffer overflow in the CGI extension for Pico Server (pServ) 3.3 allows remote attackers to execute arbitrary code via a long HTTP request.

CVSS: 7.5 CWE: N/A View on NVD
2005-06-09
High

CVE-2005-1763

Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2005-1873

Multiple buffer overflows in Crob FTP 3.6.1, and possibly earlier versions, allow remote attackers to execute arbitrary code via (1) an FTP command with a large string followed by the RMD command wit…

CVSS: 7.5 CWE: N/A View on NVD
2005-06-08
High

CVE-2005-1757

Buffer overflow in the Modweb agent for Novell NetMail 3.52 before 3.52C, when renaming folders, may allow attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1758

Buffer overflow in the IMAP command continuation function in Novell NetMail 3.52 before 3.52C may allow remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2005-06-03
High

CVE-2005-1872

Buffer overflow in the administrative console in IBM WebSphere Application Server 5.x, when the global security option is enabled, allows remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2005-06-02
Low

CVE-2005-1903

Buffer overflow in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to execute arbitrary code via a long CREATE command.

CVSS: 2.1 CWE: N/A View on NVD
2005-06-01
Critical

CVE-2005-1812

Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Re…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2005-1814

Stack-based buffer overflow in PicoWebServer 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long URL.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-1815

Multiple buffer overflows in Hummingbird Connectivity inetD 10.0.0.1 and 9.0.0.4 allows attackers to cause a denial of service and possibly execute arbitrary code via (1) an FTP command with a long a…

CVSS: 5.0 CWE: N/A View on NVD
2005-05-31
High

CVE-2005-1770

Buffer overflow in the Aavmker4 device driver in Avast! Antivirus 4.6 and possibly other versions allows local users to cause a denial of service (system crash) and possibly execute arbitrary code vi…

CVSS: 7.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2005-1772

Buffer overflow in the client cd-key hash in Terminator 3: War of the Machines 1.16 and earlier allows remote attackers to cause a denial of service (application crash) via a long client cd-key hash…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2005-1776

Buffer overflow in the READ_TCP_STRING function in game_message_functions.cpp in the network plugin for C'Nedra 0.4.0 and earlier allows remote attackers to execute arbitrary code via a long text str…

CVSS: 7.5 CWE: N/A View on NVD
2005-05-26
High

CVE-2005-1520

Buffer overflow in the header_get_field_name function in header.c for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a crafted e-ma…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1521

Integer overflow in the fetch_io function of the imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a partial message…

CVSS: 7.5 CWE: N/A View on NVD
2005-05-25
Medium

CVE-2005-1254

Stack-based buffer overflow in the IMAP server for Ipswitch IMail 8.12 and 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to cause a denial of service (c…

CVSS: 5.0 CWE: N/A View on NVD
Critical

CVE-2005-1255

Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allow remote attackers to e…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2005-1256

Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated user…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2005-1543

Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.exe) on Novell ZENworks 6.5 Desktop and Server Management, ZENworks for Desktops 4.x, ZENworks for S…

CVSS: 7.5 CWE: N/A View on NVD
2005-05-24
Critical

CVE-2005-1693

Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content…

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2005-1704

Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafte…

CVSS: 4.6 CWE: CWE-189 View on NVD
Medium

CVE-2005-1718

Buffer overflow in LS Games War Times 1.03 and earlier allows remote attackers to cause a denial of service (server crash) via a long nickname.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2005-1749

Buffer overflow in BEA WebLogic Server and WebLogic Express 6.1 Service Pack 4 allows remote attackers to cause a denial of service (CPU consumption from thread looping).

CVSS: 5.0 CWE: N/A View on NVD
2005-05-20
Medium

CVE-2005-1679

Stack-based buffer overflow in the error directive in picasm 1.12b and earlier allows attackers to execute arbitrary code via a long error message.

CVSS: 5.1 CWE: N/A View on NVD
Low

CVE-2005-1683

Buffer overflow in winword.exe 10.2627.6714 and earlier in Microsoft Word for the Macintosh, before SP3 for Word 2002, allows remote attackers to cause a denial of service and possibly execute arbitr…

CVSS: 2.6 CWE: N/A View on NVD
2005-05-19
High

CVE-2005-1455

Buffer overflow in the sql_escape_func function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote attackers to cause a denial of service (crash).

CVSS: 7.5 CWE: N/A View on NVD
2005-05-18
Medium

CVE-2005-1661

Jeuce Personal Webserver 2.13 allows remote attackers to cause a denial of service (server crash) via a long GET request, possibly triggering a buffer overflow.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2005-1666

Multiple buffer overflows in Orenosv HTTP/FTP Server 0.8.1 allow remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via long arguments to FTP c…

CVSS: 7.5 CWE: N/A View on NVD
2005-05-17
High

CVE-2005-1626

Multiple buffer overflows in handlers.c for Pico Server (pServ) before 3.3 may allow attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2005-05-16
High

CVE-2005-1248

Buffer overflow in Apple iTunes before 4.8 allows remote attackers to execute arbitrary code via a crafted MPEG4 file.

CVSS: 7.5 CWE: N/A View on NVD
2005-05-14
High

CVE-2005-1544

Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary code via a TIFF file with a malformed BitsPerSample tag.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-1545

Integer overflow in the ELF parser in HT Editor before 0.8.0 allows remote attackers to execute arbitrary code via a crafted ELF file, which leads to a heap-based buffer overflow.

CVSS: 5.1 CWE: N/A View on NVD
Medium

CVE-2005-1546

Buffer overflow in the PE parser in HT Editor before 0.8.0 allows remote attackers to execute arbitrary code via a crafted PE file.

CVSS: 5.1 CWE: N/A View on NVD
High

CVE-2005-1547

Heap-based buffer overflow in the demo version of Bakbone Netvault, and possibly other versions, allows remote attackers to execute arbitrary commands via a large packet to port 20031.

CVSS: 7.5 CWE: N/A View on NVD
2005-05-12
Medium

CVE-2005-0969

Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via craf…

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2005-0971

Stack-based buffer overflow in the semop system call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments.

CVSS: 4.6 CWE: N/A View on NVD
2005-05-11
High

CVE-2005-1261

Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1263

The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in…

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2005-1507

Buffer overflow in the Tomcat plugin in 4d WebSTAR 5.33 and 5.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL.

CVSS: 5.0 CWE: N/A View on NVD
2005-05-06
High

CVE-2005-1471

Heap-based buffer overflow in RSA SecurID Web Agent 5, 5.2, and 5.3 allows remote attackers to execute arbitrary code via crafted chunked-encoding data.

CVSS: 7.5 CWE: N/A View on NVD
2005-05-05
High

CVE-2005-1461

Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X.509, (9) ISIS, (10) DISTCC, (11) FCELS, (12) Q.931, (13) NCP, (14) TCAP, (15) ISUP, (16) MEGAC…

CVSS: 7.5 CWE: N/A View on NVD
2005-05-04
High

CVE-2005-0594

Buffer overflow in the Netinfo Setup Tool (NeST) allows local users to execute arbitrary code.

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2005-1194

Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287.

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2005-1336

Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable.

CVSS: 4.6 CWE: N/A View on NVD
2005-05-03
High

CVE-2005-1343

Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2005-1391

Buffer overflow in the add_port function in APSIS Pound 1.8.2 and earlier allows remote attackers to execute arbitrary code via a long Host HTTP header.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-1393

Multiple buffer overflows in ArcGIS for ESRI ArcInfo Workstation 9.0 allow local users to execute arbitrary code via long command line arguments to (1) asmaster, (2) asuser, (3) asutility, (4) se, or…

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2005-1395

Buffer overflow in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier may allow local users to gain privileges via a long (1) XAPPLRESLANGPATH or (2) XAPPLRESDIR environment variable, or (3) command line arg…

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2005-1415

Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute arbitrary code via a long FTP command.

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2005-1442

Buffer overflow in the Lotus Notes client for Domino 6.5 before 6.5.4 and 6.0 before 6.0.5 allows local users to cause a denial of service (client crash) and possibly execute arbitrary code via the N…

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2005-1825

Multiple stack-based buffer overflows in the nvd_exec function in HP Radia Notify Daemon 3.1.2.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to exe…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1826

Buffer overflow in HP Radia Notify Daemon 3.1.0.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a long file extension.

CVSS: 7.5 CWE: N/A View on NVD
2005-05-02
Medium

CVE-1999-1557

Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-1420

AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a long filename, possibly caused by a buffer overflow.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2005-0005

Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2005-0011

Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remo…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2005-0014

Buffer overflow in ncplogin in ncpfs before 2.2.6 allows remote malicious NetWare servers to execute arbitrary code on the NetWare client.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-0021

Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, whi…

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2005-0022

Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary…

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2005-0033

Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote attackers to cause a denial of service (crash) via queries that trigger the overflow in the q_usedns…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2005-0043

Buffer overflow in Apple iTunes 4.7 allows remote attackers to execute arbitrary code via a long URL in (1) .m3u or (2) .pls playlist files.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-0057

The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an "unchecked buffer" in the library, possibl…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2005-0059

Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute arbitrary code via a crafted message.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2005-0060

Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2005-0064

Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-0073

Buffer overflow in queue.c in a support script for sympa 3.3.3, when running setuid, allows local users to execute arbitrary code.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2005-0076

Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library.

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2005-0079

Buffer overflow in xtrlock 2.0 allows local users to cause a denial of service (application crash) and hijack the desktop session.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2005-0084

Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 allows remote attackers to execute arbitrary code via a crafted packet.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-0086

Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file, as demonstrat…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-0121

Multiple buffer overflows in golddig 2.0 and earlier allow local users to execute arbitrary code via (1) a long map name command line argument or (2) a long username as recorded in the USER environme…

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2005-0140

Buffer overflow in PeID allows attackers to execute arbitrary code via a PE file with an Import Address Table containing a long import library name.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-0185

Stack-based buffer overflow in NodeManager Professional 2.00 allows remote attackers to execute arbitrary commands via a LinkDown-Trap packet that contains a long OCTET-STRING in the Trap variable-bi…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-0187

Stack-based buffer overflow in the SetSkin function in AtHoc toolbar allows remote attackers to execute arbitrary code via a long skin name.

CVSS: 7.5 CWE: N/A View on NVD