CVE Daily
← All tags

Tag: Buffer Overflow

All CVEs associated with "Buffer Overflow". Page 145/160 • 19109 CVEs.

Subscribe CVEs: RSS for “Buffer Overflow”  ·  RSS (High+Critical only)

About “Buffer Overflow”

A curated feed of “Buffer Overflow”-related CVEs appears below. We currently track 19109 CVEs for this tag (all time). In the last 365 days, 2723 were published. Average CVSS is 7.9 (all time; 8.0 over 365d), and 78% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-121 - Stack-based Buffer Overflow, CWE-122 - Heap-based Buffer Overflow.

In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2004-12-31
Medium

CVE-2004-2587

login.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to cause a denial of service via a long txtusername parameter, possibly due to a buffer overflow.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2004-2593

Buffer overflow in command-packet processing of Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary…

CVSS: 7.5 CWE: N/A View on NVD
Low

CVE-2004-2599

Multiple buffer overflows in Quake II server before R1Q2, as used in multiple products, allow local users to cause a denial of service (application crash) via the server console or rcon.

CVSS: 2.1 CWE: N/A View on NVD
Low

CVE-2004-2609

The stuffit.com executable on Symantec PowerQuest DeployCenter 5.5 boot disks allows local users to obtain sensitive information (an unencrypted password for a Windows domain account) via four "stuff…

CVSS: 2.1 CWE: N/A View on NVD
High

CVE-2004-2614

Buffer overflow in MyWeb 3.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2004-2654

The clientAbortBody function in client_side.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors that trigge…

CVSS: 5.0 CWE: N/A View on NVD
Critical

CVE-2004-2673

Multiple buffer overflows in ArGoSoft FTP Server before 1.4.1.6 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a SITE ZIP command with a lon…

CVSS: 9.0 CWE: N/A View on NVD
High

CVE-2004-2685

Buffer overflow in YoungZSoft CCProxy 6.2 and earlier allows remote attackers to execute arbitrary code via a long address in a ping (p) command to the Telnet proxy service, a different vector than C…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2004-2707

Multiple unspecified vulnerabilities in Gyach Enhanced (Gyach-E) before 1.0.5 have unknown impact and attack vectors related to "several security flaws," probably related to buffer overflows in HTTP…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-2709

Buffer overflow in the strip_html_tags method for Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors in…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2004-2710

Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to (1) sending c…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2004-2711

Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "avatar retri…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2004-2712

Buffer overflow in Gyach Enhanced (Gyach-E) before 1.0.0-SneakPeek-3 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to "URL data."

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2004-2719

Buffer overflow in the UrlToLocal function in PunyLib.dll of Foxmail 5.0.300 allows remote attackers to execute arbitrary code via a mail message with a long From field, a different issue than CVE-20…

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2004-2727

Buffer overflow in MEHTTPS (HTTPMail) of MailEnable Professional 1.5 through 1.7 allows remote attackers to cause a denial of service (application crash) via a long HTTP GET request.

CVSS: 4.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Low

CVE-2004-2728

Buffer overflow in the FTP server of Hummingbird Connectivity 7.1 and 9.0 allows remote, authenticated users to cause a denial of service (application crash) via a long argument to the XCWD command.

CVSS: 3.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2004-12-29
Medium

CVE-2004-1316

Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:…

CVSS: 5.0 CWE: N/A View on NVD
2004-12-27
High

CVE-2004-1317

Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command.

CVSS: 7.5 CWE: N/A View on NVD
2004-12-23
High

CVE-2001-1413

Stack-based buffer overflow in the comprexx function for ncompress 4.2.4 and earlier, when used in situations that cross security boundaries (such as FTP server), may allow remote attackers to execut…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-0510

Multiple buffer overflows in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to execute arbitrary code, as demonstrated via the execmail program.

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2004-0646

Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote attackers to…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2004-0803

Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code v…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-0805

Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2004-0810

Buffer overflow in Netopia Timbuktu 7.0.3 allows remote attackers to cause a denial of service (server process crash) via a certain data string that is sent to multiple simultaneous client connection…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2004-0842

Internet Explorer 6.0 SP1 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (application crash from "memory corruption") via certain malformed Cascading S…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2004-1361

Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which…

CVSS: 5.0 CWE: N/A View on NVD
2004-12-22
Critical

CVE-2005-0441

Multiple stack-based buffer overflows in Sybase Adaptive Server Enterprise (ASE) 12.x before 12.5.3 ESD#1 allow remote authenticated users to execute arbitrary code via the (1) attrib_valid function,…

CVSS: 10.0 CWE: N/A View on NVD
2004-12-21
High

CVE-2004-1307

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number…

CVSS: 7.5 CWE: N/A View on NVD
2004-12-20
High

CVE-2004-0852

Buffer overflow in htget 0.93 allows remote attackers to execute arbitrary code via a crafted URL.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-1326

Buffer overflow in dxterm in Ultrix 4.5 allows local users to execute arbitrary code via a long -setup parameter.

CVSS: 7.2 CWE: N/A View on NVD
2004-12-18
High

CVE-2004-1374

Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain privileges.

CVSS: 7.2 CWE: N/A View on NVD
2004-12-15
Low

CVE-2004-1333

Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a…

CVSS: 2.1 CWE: N/A View on NVD
Low

CVE-2004-1334

Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a bu…

CVSS: 2.1 CWE: N/A View on NVD
2004-12-06
High

CVE-2004-0454

Buffer overflow in the msg function for rlpr daemon (rlprd) 2.04 allows local users to execute arbitrary code.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2004-0455

Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql.

CVSS: 7.2 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2004-0456

Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header.

CVSS: 7.6 CWE: N/A View on NVD
High

CVE-2004-0619

Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add…

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2004-0628

Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string.

CVSS: 10.0 CWE: N/A View on NVD
2004-12-03
Critical

CVE-2003-1208

Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the…

CVSS: 10.0 CWE: N/A View on NVD
2004-12-02
High

CVE-2004-1086

Buffer overflow in PSNormalizer for Apple Mac OS X 10.3.6 allows remote attackers to execute arbitrary code via a crafted PostScript input file.

CVSS: 7.5 CWE: N/A View on NVD
2004-12-01
High

CVE-2004-1352

Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code.

CVSS: 7.2 CWE: N/A View on NVD
2004-11-23
High

CVE-2004-0238

Multiple buffer overflows in Overkill (0verkill) 0.15pre3 might allow local users to execute arbitrary code in the client via a long HOME environment variable in the (1) load_cfg and (2) save_cfg fun…

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2004-0255

Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2004-0258

Multiple buffer overflows in RealOne Player, RealOne Player 2.0, RealOne Enterprise Desktop, and RealPlayer Enterprise allow remote attackers to execute arbitrary code via malformed (1) .RP, (2) .RT,…

CVSS: 7.6 CWE: N/A View on NVD
Critical

CVE-2004-0262

Stack-based buffer overflow in The Palace 3.5 and earlier client allows remote attackers to execute arbitrary code via a link to a palace:// url followed by a long server address string.

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2004-0268

Multiple buffer overflows in EvolutionX 3921 and 3935 allow remote attackers to cause a denial of service (hang) via (1) a long cd command to the FTP server, or (2) a long dir command to the telnet s…

CVSS: 5.0 CWE: N/A View on NVD
Critical

CVE-2004-0286

Buffer overflow in RobotFTP 1.0 and 2.0 beta 1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long username.

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2004-0287

Xlight FTP server 1.52 allows remote authenticated users to cause a denial of service (crash) via a RETR command with a long argument containing a large number of / (slash) characters, possibly trigg…

CVSS: 5.0 CWE: N/A View on NVD
Critical

CVE-2004-0288

Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.2.13 through 3.2.15 could allow remote attackers to execute arbitrary code by indexing a large document.

CVSS: 10.0 CWE: N/A View on NVD
Low

CVE-2004-0289

Buffer overflow in sdbscan in SignatureDB 0.1.1 allows local users to cause a denial of service (segmentation fault) via a database file that contains a large key parameter.

CVSS: 2.1 CWE: N/A View on NVD
Critical

CVE-2004-0290

Buffer overflow in Purge Jihad 2.0.1 and earlier allows remote game servers to execute arbitrary code via an information packet that contains large (1) battle type and (2) map name fields.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2004-0292

Buffer overflow in KarjaSoft Sami HTTP Server 1.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2004-0297

Buffer overflow in the Lightweight Directory Access Protocol (LDAP) daemon (iLDAP.exe 3.9.15.10) in Ipswitch IMail Server 8.03 allows remote attackers to cause a denial of service (crash) and execute…

CVSS: 10.0 CWE: N/A View on NVD
Low

CVE-2004-0299

Buffer overflow in smallftpd 0.99 allows local users to cause a denial of service (crash) via an FTP request with a large number of "/" (slash) characters.

CVSS: 2.1 CWE: N/A View on NVD
Critical

CVE-2004-0309

Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity client 4.0 before 4.0.146.046, and 4.5 before 4.5.085, allows remote…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2004-0313

Buffer overflow in PSOProxy 0.91 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP request, as demonstrated using a long (1) GET argument or (2)…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2004-0315

Buffer overflow in Avirt Voice 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long GET request on port 1080.

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2004-0316

Buffer overflow in Avirt Soho 4.3 allows remote attackers to cause a denial of service (crash) via (1) a large GET request to port 1080 or (2) a large GET request of % characters to port 8080.

CVSS: 5.0 CWE: N/A View on NVD
Critical

CVE-2004-0317

Buffer overflow in eauth in Load Sharing Facility 4.x, 5.x, and 6.x allows local users or remote attackers within the LSF cluster to cause a denial of service (segmentation fault) and possibly execut…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2004-0326

Buffer overflow in the web proxy for GateKeeper Pro 4.7 allows remote attackers to execute arbitrary code via a long GET request.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2004-0330

Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote authenticated users to execute arbitrary code via a long time zone argument to the MDTM command.

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2004-0331

Heap-based buffer overflow in Dell OpenManage Web Server 3.4.0 allows remote attackers to cause a denial of service (crash) via a HTTP POST with a long application variable.

CVSS: 5.0 CWE: N/A View on NVD
Critical

CVE-2004-0333

Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2004-0340

Stack-based buffer overflow in WFTPD Pro Server 3.21 Release 1, Pro Server 3.20 Release 2, Server 3.21 Release 1, and Server 3.10 allows local users to execute arbitrary code via long (1) LIST, (2) N…

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2004-0345

Buffer overflow in Red Faction client 1.20 and earlier allows remote servers to execute arbitrary code via a long server name.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2004-0346

Off-by-one buffer overflow in _xlate_ascii_write() in ProFTPD 1.2.7 through 1.2.9rc2p allows local users to gain privileges via a 1024 byte RETR command.

CVSS: 7.8 CWE: CWE-193 - Off-by-one Error View on NVD
Critical

CVE-2004-0353

Multiple buffer overflows in auth_ident() function in auth.c for GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to gain privileges via a long string.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2004-0356

Stack-based buffer overflow in Supervisor Report Center in SL Mail Pro 2.0.9 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a long HTTP sub-version.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2004-0357

Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote attackers to execute arbitrary code via (1) user.dll, (2) loadpageadmin.dll or (3) loadpageuser.dll.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2004-0597

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS functio…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2004-0636

Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2004-0771

Buffer overflow in the extract_one function from lhext.c in LHA may allow attackers to execute arbitrary code via a long w (working directory) command line option, a different issue than CVE-2004-076…

CVSS: 10.0 CWE: N/A View on NVD
2004-11-03
High

CVE-2004-0206

Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or loca…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2004-0214

Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application cr…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2004-0216

Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB fil…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2004-0572

Buffer overflow in the Windows Program Group Converter (grpconv.exe) may allow remote attackers to execute arbitrary code via a shell: URL with a long filename and a .grp extension, which is not prop…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2004-0574

The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attacker…

CVSS: 10.0 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2004-0836

Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2004-10-30
High

CVE-2004-1350

Multiple buffer overflows in Sun Java System Web Proxy Server (formerly Sun ONE Proxy Server) 3.6 through 3.6 SP4 allow remote attackers to execute arbitrary code via unknown vectors, possibly CONNEC…

CVSS: 7.5 CWE: N/A View on NVD
2004-10-26
Critical

CVE-2004-1636

Heap-based buffer overflow in the WvTFTPServer::new_connection function in wvtftpserver.cc for WvTftp 0.9 allows remote attackers to execute arbitrary code via a long option string in a TFTP packet.

CVSS: 10.0 CWE: N/A View on NVD
2004-10-22
Medium

CVE-2004-1626

Buffer overflow in Ability Server 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long STOR command.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2004-1627

Buffer overflow in Ability Server 2.25, 2.32, 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long APPE command.

CVSS: 7.5 CWE: N/A View on NVD
2004-10-20
High

CVE-2004-0687

Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arb…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-0747

Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.

CVSS: 7.8 CWE: CWE-131 - Incorrect Calculation of Buffer Size View on NVD
High

CVE-2004-0768

libpng 1.2.5 and earlier does not properly calculate certain buffer offsets, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-0775

Buffer overflow in WIDCOMM Bluetooth Connectivity Software, as used in products such as BTStackServer 1.3.2.7 and 1.4.2.10, Windows XP and Windows 98 with MSI Bluetooth Dongles, and HP IPAQ 5450 runn…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-0782

Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via cer…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-0783

Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary cod…

CVSS: 7.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2004-0785

Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-0798

Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-1619

Buffer overflow in Privateer's Bounty: Age of Sail II allows remote attackers to execute arbitrary code via a long nickname.

CVSS: 7.5 CWE: N/A View on NVD
2004-10-16
High

CVE-2004-1638

Buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long (1) EHLO and possibly (2) HELO command.

CVSS: 7.5 CWE: N/A View on NVD
2004-10-13
High

CVE-2004-1595

Buffer overflow in ShixxNote 6.net build 117 allows remote attackers to execute arbitrary code via a long font field.

CVSS: 7.5 CWE: N/A View on NVD
2004-10-07
High

CVE-2005-0373

Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to…

CVSS: 7.5 CWE: N/A View on NVD
2004-10-06
High

CVE-2005-0189

Stack-based buffer overflow in the HandleAction function in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to execute arbitrary code via a long ShowPreferences argument.

CVSS: 7.5 CWE: N/A View on NVD
2004-09-28
High

CVE-2002-1583

Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-1050

Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via long command line arguments to (1) db2start, (2) db2stop, or (3) db2govd.

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2004-0200

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with…

CVSS: 9.3 CWE: N/A View on NVD
High

CVE-2004-0408

Buffer overflow in the child_service function in the ident2 ident daemon allows remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-0500

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protoco…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-0573

Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malic…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-0629

Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5.0.5 and Acrobat Reader, and possibly other versions, allows remote attackers to execute arbitrary code via a URI for a PDF file…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-0691

Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-0699

Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE neg…

CVSS: 7.5 CWE: N/A View on NVD
2004-09-16
High

CVE-2004-0827

Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute ar…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-1379

Heap-based buffer overflow in the DVD subpicture decoder in xine xine-lib 1-rc5 and earlier allows remote attackers to execute arbitrary code via a (1) DVD or (2) MPEG subpicture header where the sec…

CVSS: 7.5 CWE: N/A View on NVD
2004-09-13
Medium

CVE-2004-1680

application.cgi in the Pingtel Xpressa handset running firmware 2.1.11.24 allows remote authenticated users to cause a denial of service (VxWorks OS crash) via a long HTTP GET request, possibly trigg…

CVSS: 5.0 CWE: N/A View on NVD
2004-09-12
High

CVE-2004-1676

Heap-based buffer overflow in the image sending feature in Gadu-Gadu 6.0 build 149 allows remote attackers to execute arbitrary code via a crafted GG_MSG_IMAGE_REPLY message.

CVSS: 7.5 CWE: N/A View on NVD
2004-09-07
High

CVE-2004-0822

Buffer overflow in The Core Foundation framework (CoreFoundation.framework) in Mac OS X 10.2.8, 10.3.4, and 10.3.5 allows local users to execute arbitrary code via a certain environment variable.

CVSS: 7.2 CWE: N/A View on NVD
2004-09-05
Medium

CVE-2004-1664

Call of Duty 1.4 and earlier allows remote attackers to cause a denial of service (game end) via a large (1) query or (2) reply packet, which is not properly handled by the buffer overflow protection…

CVSS: 5.0 CWE: N/A View on NVD
2004-09-01
High

CVE-2004-1372

Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the g…

CVSS: 7.2 CWE: N/A View on NVD
2004-08-31
High

CVE-2004-1649

Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the msinfo_file command line parameter. NOTE: this issue might not cross security b…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2004-1774

Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0.2 Patch 2 allows local users to execute arbitrary code via a long LAYER paramet…

CVSS: 7.2 CWE: N/A View on NVD
2004-08-29
Medium

CVE-2004-1641

Heap-based buffer overflow in Titan FTP 3.21 and earlier allows remote attackers to cause a denial of service (crash) via a long FTP command such as (1) CWD, (2) STAT, or (3) LIST.

CVSS: 5.0 CWE: N/A View on NVD
2004-08-26
High

CVE-2004-1681

Multiple buffer overflows in (1) phrelay-cfg, (2) phlocale, (3) pkg-installer, or (4) input-cfg in QNX Photon microGUI for QNX RTP 6.1 allow local users to gain privileges via a long -s (server) comm…

CVSS: 7.2 CWE: N/A View on NVD
2004-08-24
Medium

CVE-2004-1745

Buffer overflow in Painkiller 1.3.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2004-1752

Stack-based buffer overflow in Gaucho 1.4 Build 145 allows remote attackers to execute arbitrary code via a POP3 email with a long Content-Type header.

CVSS: 7.5 CWE: N/A View on NVD
2004-08-20
High

CVE-2004-1726

Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) xvpm.c in XV allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-1728

Buffer overflow in British National Corpus SARA (sarad) allows remote attackers to execute arbitrary code by calling the client with a long string.

CVSS: 7.5 CWE: N/A View on NVD
2004-08-18
Critical

CVE-2004-0226

Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

CVSS: 10.0 CWE: N/A View on NVD