CVE Daily
← All tags

Tag: Buffer Overflow

All CVEs associated with "Buffer Overflow". Page 149/160 • 19109 CVEs.

Subscribe CVEs: RSS for “Buffer Overflow”  ·  RSS (High+Critical only)

About “Buffer Overflow”

A curated feed of “Buffer Overflow”-related CVEs appears below. We currently track 19109 CVEs for this tag (all time). In the last 365 days, 2723 were published. Average CVSS is 7.9 (all time; 8.0 over 365d), and 78% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-121 - Stack-based Buffer Overflow, CWE-122 - Heap-based Buffer Overflow.

In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2003-07-02
High

CVE-2003-0397

Buffer overflow in FastTrack (FT) network code, as used in Kazaa 2.0.2 and possibly other versions and products, allows remote attackers to execute arbitrary code via a packet containing a large list…

CVSS: 7.5 CWE: N/A View on NVD
2003-06-30
Critical

CVE-2003-0407

Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows remote attackers to execute arbitrary code via a long connection string.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2003-0408

Buffer overflow in Uptime Client (UpClient) 5.0b7, and possibly other versions, allows local users to gain privileges via a long -p argument.

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2003-0409

Buffer overflow in BRS WebWeaver 1.04 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP (1) POST or (2) HEAD request.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2003-0410

Buffer overflow in AnalogX Proxy 4.13 allows remote attackers to execute arbitrary code via a long URL to port 6588.

CVSS: 10.0 CWE: N/A View on NVD
2003-06-19
High

CVE-2003-1067

Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit function in Solaris 2.6 through 9 allow local users to gain root privileges via long arguments to…

CVSS: 7.2 CWE: N/A View on NVD
2003-06-16
High

CVE-2002-1155

Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-1565

Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0276

Buffer overflow in Pi3Web 2.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a GET request with a large number of / characters.

CVSS: 5.0 CWE: N/A View on NVD
Critical

CVE-2003-0280

Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2003-0281

Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows local users to execute arbitrary code via a long INTERBASE environ…

CVSS: 4.6 CWE: N/A View on NVD
Critical

CVE-2003-0288

Buffer overflow in the file & folder transfer mechanism for IP Messenger for Win 2.00 through 2.02 allows remote attackers to execute arbitrary code via file with a long filename, which triggers the…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2003-0315

Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP request, which may trigger a buffer overflow.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0344

Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0371

Buffer overflow in Prishtina FTP client 1.x allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP banner.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0373

Multiple buffer overflows in libnasl in Nessus before 2.0.6 allow local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code via (1) a long…

CVSS: 4.4 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2003-0376

Buffer overflow in Eudora 5.2.1 allows remote attackers to cause a denial of service (crash and failed restart) and possibly execute arbitrary code via an Attachment Converted argument with a large n…

CVSS: 5.0 CWE: N/A View on NVD
2003-06-09
High

CVE-2002-1456

Buffer overflow in mIRC 6.0.2 and earlier allows remote attackers to execute arbitrary code via a long $asctime value.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0224

Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long f…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2003-0306

Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to execute arbitrary code as the XP user via a desktop.ini file with a long .ShellClassInfo parameter.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0319

Buffer overflow in the IMAP server (IMAPMax) for SmartMax MailMax 5.0.10.8 and earlier allows remote authenticated users to execute arbitrary code via a long SELECT command.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0321

Multiple buffer overflows in BitchX IRC client 1.0-0c19 and earlier allow remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long hostnames, nic…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0323

Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via responses that are not properly fed to the…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0324

Buffer overflows in EPIC IRC Client (EPIC4) 1.0.1 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long replies that are not properly h…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0325

Buffer overflow in Maelstrom 3.0.6, 3.0.5, and earlier allows local users to execute arbitrary code via a long -server command line argument.

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2003-0330

Buffer overflow in unknown versions of Maelstrom allows local users to execute arbitrary code via a long -player command line argument.

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2003-0358

Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.

CVSS: 4.6 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2003-0360

Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0362

Buffer overflow in gPS before 0.10.2 may allow local users to cause a denial of service (SIGSEGV) in rgpsp via long command lines.

CVSS: 5.0 CWE: N/A View on NVD
2003-06-06
High

CVE-2003-1068

Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4659277, a different vulnerability than CVE-2003-1082.

CVSS: 7.2 CWE: N/A View on NVD
2003-05-27
High

CVE-2003-0263

Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0264

Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0266

Multiple buffer overflows in SLWebMail 3 on Windows systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long Language parameter to showlogin.dll…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0269

Buffer overflow in youbin allows local users to gain privileges via a long HOME environment variable.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0271

Buffer overflow in Personal FTP Server allows remote attackers to execute arbitrary code via a long USER argument.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0274

Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remote attackers to execute arbitrary code via a long ULISTPROC_UMASK value.

CVSS: 10.0 CWE: N/A View on NVD
2003-05-22
High

CVE-2003-0339

Multiple heap-based buffer overflows in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allow remote attackers to execute arbitrary code via long HTTP requests.

CVSS: 7.5 CWE: N/A View on NVD
2003-05-19
High

CVE-2003-0333

Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3…

CVSS: 7.2 CWE: N/A View on NVD
2003-05-12
Medium

CVE-2003-0112

Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2003-0113

Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0117

Buffer overflow in the HTTP receiver function (BizTalkHTTPReceive.dll ISAPI) of Microsoft BizTalk Server 2002 allows attackers to execute arbitrary code via a certain request to the HTTP receiver.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0210

Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long user para…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0213

ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, le…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0218

Buffer overflow in PostMethod() function for Monkey HTTP Daemon (monkeyd) 0.6.1 and earlier allows remote attackers to execute arbitrary code via a POST request with a large body.

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2003-0220

Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0222

Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a conne…

CVSS: 9.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2003-0233

Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load() method, a different vulnerability than CVE-2003-0115.

CVSS: 7.5 CWE: N/A View on NVD
2003-05-05
Critical

CVE-2003-0196

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2003-0201

Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2003-0209

Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-b…

CVSS: 10.0 CWE: N/A View on NVD
2003-04-22
Critical

CVE-2002-1468

Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root.

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2002-1473

Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code.

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2002-1476

Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a us…

CVSS: 4.6 CWE: N/A View on NVD
2003-04-11
Medium

CVE-2002-1414

Buffer overflow in qmailadmin allows local users to gain privileges via a long QMAILADMIN_TEMPLATEDIR environment variable.

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2002-1418

Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to cause a denial of service (A…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2002-1424

Buffer overflow in munpack in mpack 1.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2002-1426

HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow.

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2002-1441

Multiple buffer overflows in Tomahawk SteelArrow before 4.5 allow remote attackers to execute arbitrary code via (1) the Steelarrow Service (Steelarrow.exe) using a long UserIdent Cookie header, (2)…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0197

Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK).

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0203

Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary code via a long FTP banner.

CVSS: 7.5 CWE: N/A View on NVD
2003-04-02
High

CVE-2002-1486

Multiple buffer overflows in the IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service and possibly execute arbitrary code via (1) a large response…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-1489

Buffer overflow in PlanetDNS PlanetWeb 1.14 and earlier allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long URL or (2) a request with a long method name.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-1492

Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, and VPN 5000 Client before 5.2.8 for Solaris, allow local users to gain root privileges via (1) close_tunnel and (2) open_tunnel.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-1496

Heap-based buffer overflow in Null HTTP Server 0.5.0 and earlier allows remote attackers to execute arbitrary code via a negative value in the Content-Length HTTP header.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-1500

Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which pro…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-1503

Buffer overflow in Automatic File Distributor (AFD) 1.2.14 and earlier allows local users to gain privileges via a long MON_WORK_DIR environment variable or -w (workdir) argument to (1) afd, (2) afdc…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-1506

Buffer overflow in Linuxconf before 1.28r4 allows local users to execute arbitrary code via a long LINUXCONF_LANG environment variable, which overflows an error string that is generated.

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2002-1522

Buffer overflow in PowerFTP FTP server 2.24, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long USER argument.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2002-1524

Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) allows remote attackers to execute arbitrary code via a skin file (.wal) with a long include file tag.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0091

Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0092

Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0159

Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0161

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disable…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2003-0167

Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and pos…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0168

Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows allows remote attackers to execute arbitrary code via a long QuickTime URL.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0172

Buffer overflow in openlog function for PHP 4.3.1 on Windows operating system, and possibly other OSes, allows remote attackers to cause a crash and possibly execute arbitrary code via a long filenam…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0178

Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields param…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2003-0179

Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the Initializ…

CVSS: 7.5 CWE: N/A View on NVD
2003-03-31
Medium

CVE-2002-1539

Buffer overflow in MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service via long (1) DELE or (2) UIDL arguments.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2002-1542

SolarWinds TFTP server 5.0.55 and earlier allows remote attackers to cause a denial of service (crash) via a large UDP datagram, possibly triggering a buffer overflow.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2002-1543

Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2002-1549

Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2002-1551

Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code.

CVSS: 4.6 CWE: N/A View on NVD
Critical

CVE-2003-0085

Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2003-0109

Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0144

Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via lo…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0146

Multiple vulnerabilities in NetPBM 9.20 and earlier, and possibly other versions, may allow remote attackers to cause a denial of service or execute arbitrary code via "maths overflow errors" such as…

CVSS: 7.5 CWE: N/A View on NVD
2003-03-24
High

CVE-2003-0010

Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0128

The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code vi…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2003-0140

Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a den…

CVSS: 7.5 CWE: N/A View on NVD
2003-03-18
High

CVE-2002-0387

Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0030

Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension Feature (SEF) before 2.2.3.9 allow attackers with SQL access to execute arbitrary code via the extended stored procedures (1) xp…

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2003-0102

Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_she…

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2003-0122

Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authenticati…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2003-0123

Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2003-0125

Buffer overflow in the web interface for SOHO Routefinder 550 before firmware 4.63 allows remote attackers to cause a denial of service (reboot) and execute arbitrary code via a long GET /OPTIONS val…

CVSS: 5.0 CWE: N/A View on NVD
Critical

CVE-2003-0143

The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer…

CVSS: 10.0 CWE: N/A View on NVD
2003-03-07
Critical

CVE-2002-1337

Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the…

CVSS: 10.0 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2003-0033

Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2003-0055

Buffer overflow in the MP3 broadcasting module of Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via a long…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0107

Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or pos…

CVSS: 7.5 CWE: N/A View on NVD
2003-03-03
High

CVE-2003-0087

Buffer overflow in libIM library (libIM.a) for National Language Support (NLS) on AIX 4.3 through 5.2 allows local users to gain privileges via several possible attack vectors, including a long -im a…

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2003-0095

Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable t…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2003-0096

Multiple buffer overflows in Oracle 9i Database release 2, Release 1, 8i, 8.1.7, and 8.0.6 allow remote attackers to execute arbitrary code via (1) a long conversion string argument to the TO_TIMESTA…

CVSS: 9.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2003-0099

Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0100

Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements.

CVSS: 7.5 CWE: N/A View on NVD
2003-02-19
High

CVE-2003-0004

Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0056

Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0057

Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code (1) via a long attachment filename that is not properly…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0062

Buffer overflow in Eset Software NOD32 for UNIX before 1.013 allows local users to execute arbitrary code via a long path name.

CVSS: 7.2 CWE: N/A View on NVD
2003-02-07
High

CVE-2003-0003

Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC c…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0034

Buffer overflow in the mtink status monitor, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long HOME environment variable.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0035

Buffer overflow in escputil, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long printer-name command line argument.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0037

Buffer overflows in noffle news server 1.0.1 and earlier allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2003-02-06
Critical

CVE-2003-1090

Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote attackers to execute arbitrary code via a long window title.

CVSS: 10.0 CWE: N/A View on NVD
2003-01-17
High

CVE-2002-1391

Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Caller ID string with a long CallerName argument.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-1396

Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-1397

Vulnerability in the cash_words() function for PostgreSQL 7.2 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a large negative argument, possibly t…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2002-1398

Buffer overflow in the date parser for PostgreSQL before 7.2.2 allows attackers to cause a denial of service and possibly execute arbitrary code via a long date string, aka a vulnerability "in handli…

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2002-1400

Heap-based buffer overflow in the repeat() function for PostgreSQL before 7.2.2 allows attackers to execute arbitrary code by causing repeat() to generate a large string.

CVSS: 7.5 CWE: N/A View on NVD