CVE Daily
← All tags

Tag: Buffer Overflow

All CVEs associated with "Buffer Overflow". Page 153/160 • 19109 CVEs.

Subscribe CVEs: RSS for “Buffer Overflow”  ·  RSS (High+Critical only)

About “Buffer Overflow”

A curated feed of “Buffer Overflow”-related CVEs appears below. We currently track 19109 CVEs for this tag (all time). In the last 365 days, 2728 were published. Average CVSS is 7.9 (all time; 8.0 over 365d), and 78% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-121 - Stack-based Buffer Overflow, CWE-122 - Heap-based Buffer Overflow.

In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2002-05-29
High

CVE-2002-0239

Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long string in the (1) -fn, (2) -hfb, or (3) -hfn argument.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0247

Buffer overflows in wmtv 0.6.5 and earlier may allow local users to gain privileges.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0251

Buffer overflow in licq 1.0.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string of format string characters such as "%d".

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0252

Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote web servers to execute arbitrary code via a response containing a long Content-Type MIME header.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0260

Buffer overflow in InstantServers MiniPortal 1.1.5 and earlier allows remote attackers to execute arbitrary code via a long login name, which is not properly handled by the logging utility.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0263

Buffer overflow in EasyBoard 2000 1.27 (aka EZboard) allows remote attackers to execute arbitrary code via a long boundary value in a multipart Content-Type header to (1) ezboard.cgi, (2) ezman.cgi,…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0362

Buffer overflow in AOL Instant Messenger (AIM) 4.2 and later allows remote attackers to execute arbitrary code via a long AddExternalApp request and a TLV type greater than 0x2711.

CVSS: 7.5 CWE: N/A View on NVD
2002-05-28
High

CVE-2002-1447

Buffer overflow in the vpnclient program for UNIX VPN Client before 3.5.2 allows local users to gain administrative privileges via a long profile name in a connect argument.

CVSS: 7.2 CWE: N/A View on NVD
2002-05-27
Critical

CVE-2002-1641

Multiple buffer overflows in Oracle Web Cache for Oracle 9i Application Server (9iAS) allow remote attackers to execute arbitrary code via unknown vectors.

CVSS: 10.0 CWE: N/A View on NVD
2002-05-16
High

CVE-2002-0154

Buffer overflows in extended stored procedures for Microsoft SQL Server 7.0 and 2000 allow remote attackers to cause a denial of service or execute arbitrary code via a database query with certain lo…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0173

Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0184

Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, w…

CVSS: 7.8 CWE: CWE-131 - Incorrect Calculation of Buffer Size View on NVD
Critical

CVE-2002-0198

Buffer overflow in plDaniels ripMime 1.2.6 and earlier, as used in other programs such as xamime and inflex, allows remote attackers to execute arbitrary code via an attachment in a long filename.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2002-0199

Buffer overflow in admin.cgi for Nullsoft Shoutcast Server 1.8.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an argument with a large number of backsl…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2002-0201

Cyberstop Web Server for Windows 0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request, possibly triggering a buffer overflo…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2002-0204

Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its own design as a single-user application, may allow local or remote attackers to e…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0207

Buffer overflow in Real Networks RealPlayer 8.0 and earlier allows remote attackers to execute arbitrary code via a header length value that exceeds the actual length of the header.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0219

Buffer overflow in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via large command line argument.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0231

Buffer overflow in mIRC 5.91 and earlier allows a remote server to execute arbitrary code on the client via a long nickname.

CVSS: 7.5 CWE: N/A View on NVD
2002-05-01
High

CVE-1999-1570

Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter.

CVSS: 7.2 CWE: N/A View on NVD
2002-04-23
Medium

CVE-2002-1602

Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVE_BRAILLE is defined, allows local users to execute arbitrary code.

CVSS: 4.6 CWE: N/A View on NVD
2002-04-22
High

CVE-2002-0071

Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code v…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0079

Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0147

Buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to cause a denial of service or execute code, aka "Microsoft-discover…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0149

Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via long file names.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0150

Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via H…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0152

Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large n…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0177

Buffer overflows in icecast 1.3.11 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request from an MP3 client.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0179

Buffer overflow in xpilot-server for XPilot 4.5.0 and earlier allows remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0180

Buffer overflow in Webalizer 2.01-06, when configured to use reverse DNS lookups, allows remote attackers to execute arbitrary code by connecting to the monitored web server from an IP address that r…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2002-1621

Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and 5.1 allows remote attackers to execute arbitrary code.

CVSS: 10.0 CWE: N/A View on NVD
2002-04-05
Medium

CVE-2002-1598

Buffer overflows in Computer Associates MLink (CA-MLink) 6.5 and earlier may allow local users to execute arbitrary code via long command line arguments to (1) mlclear or (2) mllock.

CVSS: 4.6 CWE: N/A View on NVD
2002-04-04
High

CVE-2002-0151

Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request.

CVSS: 7.2 CWE: N/A View on NVD
2002-04-03
High

CVE-2002-0017

Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to execute arbitrary code via an SNMP request.

CVSS: 7.5 CWE: N/A View on NVD
2002-04-02
High

CVE-2002-0158

Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to gain root privileges via a long -co (color database) command line argument.

CVSS: 7.2 CWE: N/A View on NVD
2002-04-01
High

CVE-2001-1174

Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to execute arbitrary code via a long Message-ID header.

CVSS: 7.5 CWE: N/A View on NVD
2002-03-26
High

CVE-2002-0163

Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 and 2.6 until March 12, 2002 distributions, allows remote attackers to cause a denial of service, and possibly execute arbitrary…

CVSS: 7.5 CWE: N/A View on NVD
2002-03-25
High

CVE-2002-0098

Buffer overflow in index.cgi administration interface for Boozt! Standard 0.9.8 allows local users to execute arbitrary code via a long name field when creating a new banner.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2002-0099

Buffer overflow in Michael Lamont Savant Web Server 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP request to the cgi-bin directory in which the CGI program name con…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2002-0125

Buffer overflow in ClanLib library 0.5 may allow local users to execute arbitrary code in games that use the library, such as (1) Super Methane Brothers, (2) Star War, (3) Kwirk, (4) Clankanoid, and…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0126

Buffer overflow in BlackMoon FTP Server 1.0 through 1.5 allows remote attackers to execute arbitrary code via a long argument to (1) USER, (2) PASS, or (3) CWD.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0130

Buffer overflow in efax 0.9 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -x argument.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0132

Buffer overflow in Chinput 3.0 allows local users to execute arbitrary code via a long HOME environment variable.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0133

Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long header fields to the HTTP proxy, or (2) a long string…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2002-0143

Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable.

CVSS: 4.6 CWE: N/A View on NVD
2002-03-15
High

CVE-2002-0070

Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an applicati…

CVSS: 7.6 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2002-0082

The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attac…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0084

Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0086

Buffer overflow in bindsock in Lotus Domino 5.0.4 and 5.0.7 on Linux allows local users to gain root privileges via a long (1) Notes_ExecDirectory or (2) PATH environment variable.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0088

Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0089

Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0090

Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 allows local users to execute arbitrary code via a long display command line option.

CVSS: 7.2 CWE: N/A View on NVD
2002-03-08
High

CVE-2002-0020

Buffer overflow in telnet server in Windows 2000 and Interix 2.2 allows remote attackers to execute arbitrary code via malformed protocol options.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0022

Buffer overflow in the implementation of an HTML directive in mshtml.dll in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via a web page that specifies embedded Acti…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0050

Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 allows remote attackers to execute arbitrary code via long authentication data.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0053

Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malforme…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2002-0056

Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0062

Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolli…

CVSS: 7.2 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2002-0063

Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0081

Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and 4.0.6 and earlier, and (2) php3_mime_split in PHP 3.0.x allows remote attackers to execute arbitrary code via a multipart/form-data HTT…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2002-1619

Buffer overflow in the FC client for IBM AIX 4.3.x allows remote attackers to cause a denial of service (crash and core dump).

CVSS: 5.0 CWE: N/A View on NVD
2002-03-04
High

CVE-2001-1376

Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data.

CVSS: 7.5 CWE: N/A View on NVD
2002-02-27
High

CVE-2002-0003

Buffer overflow in the preprocessor in groff 1.16 and earlier allows remote attackers to gain privileges via lpd in the LPRng printing system.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-0028

Buffer overflow in ICQ before 2001B Beta v5.18 Build #3659 allows remote attackers to execute arbitrary code via a Voice Video & Games request.

CVSS: 7.5 CWE: N/A View on NVD
2002-01-31
Critical

CVE-2002-0005

Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480, 4.8.2616, and other versions allows remote attackers to execute arbitrary code via a long argument in a game request (AddGame).

CVSS: 10.0 CWE: N/A View on NVD
2002-01-30
High

CVE-2001-1457

Buffer overflow in CrazyWWWBoard 2000p4 and 2000LEp5 allows remote attackers to execute arbitrary code via a long HTTP_USER_AGENT CGI environment variable.

CVSS: 7.5 CWE: N/A View on NVD
2002-01-11
High

CVE-2003-0061

Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable.

CVSS: 7.2 CWE: N/A View on NVD
2002-01-02
High

CVE-2002-1594

Buffer overflow in (1) grpck and (2) pwck, if installed setuid on a system as recommended in some AIX documentation, may allow local users to gain privileges via a long command line argument.

CVSS: 7.2 CWE: N/A View on NVD
2001-12-31
High

CVE-2001-1478

Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code.

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2001-1496

Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code.

CVSS: 9.8 CWE: CWE-193 - Off-by-one Error View on NVD
High

CVE-2001-1498

Buffer overflow in mod_bf 0.2 allows local users to execute arbitrary commands via a long script.

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2001-1508

Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2001-1529

Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2001-1531

Buffer overflow in Claris Emailer 2.0v2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an email attachment with a long filename.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2001-1541

Buffer overflow in Unix-to-Unix Copy Protocol (UUCP) in BSDI BSD/OS 3.0 through 4.2 allows local users to execute arbitrary code via a long command line argument.

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2001-1553

Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, could allow local users to execute arbitrary code via long command line options (1) socks_server, (2) socks_user, and (3) socks_…

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2001-1557

Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to gain privileges.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2001-1561

Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2001-1573

Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall 3.51 for Windows NT has allows remote attackers to execute arbitrary code via a certain configuration parameter.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2001-1574

Buffer overflow in (1) HttpSaveCVP.dll and (2) HttpSaveCSP.dll in Trend Micro InterScan VirusWall 3.5.1 allows remote attackers to execute arbitrary code.

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2001-1575

Apple Personal Web Sharing (PWS) 1.1, 1.5, and 1.5.5, when Web Sharing authentication is enabled, allows remote attackers to cause a denial of service via a long password, possibly due to a buffer ov…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2001-1576

Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2001-1582

Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that…

CVSS: 7.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2001-12-30
High

CVE-2001-1207

Buffer overflows in DayDream BBS 2.9 through 2.13 allow remote attackers to possibly execute arbitrary code via the control codes (1) ~#MC, (2) ~#TF, or (3) ~#RA.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2001-1466

Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the SSH-1 protocol, allows remote attackers to execute arbitrary code via a long (1) username or (2) password.

CVSS: 7.5 CWE: N/A View on NVD
2001-12-21
Medium

CVE-2001-0886

Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2001-1216

Buffer overflow in PL/SQL Apache module in Oracle 9i Application Server allows remote attackers to execute arbitrary code via a long request for a help page.

CVSS: 7.5 CWE: N/A View on NVD
2001-12-20
High

CVE-2001-0542

Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. N…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2001-0876

Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL.

CVSS: 7.5 CWE: N/A View on NVD
2001-12-17
High

CVE-2001-1201

Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users to execute arbitrary code via long lines in the object description file.

CVSS: 7.2 CWE: N/A View on NVD
2001-12-12
Critical

CVE-2001-0797

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

CVSS: 10.0 CWE: N/A View on NVD
2001-12-06
Critical

CVE-2001-0671

Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2001-0719

Buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via a malformed Advanced Streaming Format (ASF) file.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2001-0799

Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary commands via a long argument.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2001-0803

Buffer overflow in the client connection routine of libDtSvc.so.1 in CDE Subprocess Control Service (dtspcd) allows remote attackers to execute arbitrary commands.

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2001-0815

Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2001-0818

A buffer overflow the '\s' console command in MDBMS 0.99b9 and earlier allows remote attackers to execute arbitrary commands by sending the command a large amount of data.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2001-0819

A buffer overflow in Linux fetchmail before 5.8.6 allows remote attackers to execute arbitrary code via a large 'To:' field in an email header.

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2001-0820

Buffer overflows in GazTek ghttpd 1.4 allows a remote attacker to execute arbitrary code via long arguments that are passed to (1) the Log function in util.c, or (2) serveconnection in protocol.c.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2001-0825

Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary commands via a length argument of zero or less, which disables the length ch…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2001-0826

Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute arbitrary commands via long arguments to (1) HELP, (2) USER, (3) PASS, (4) PORT, (5) DELE, (6) REST, (7) RMD, or (8) MKD.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2001-0833

Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerabil…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2001-0836

Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2001-0840

Buffer overflow in Compaq Insight Manager XE 2.1b and earlier allows remote attackers to execute arbitrary code via (1) SNMP and (2) DMI.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2001-0850

A configuration error in the libdb1 package in OpenLinux 3.1 uses insecure versions of the snprintf and vsnprintf functions, which could allow local or remote users to exploit those functions with a…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2001-0855

Buffer overflow in db_loader in ClearCase 4.2 and earlier allows local users to gain root privileges via a long TERM environment variable.

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2001-0858

Buffer overflow in pppattach and other linked PPP utilities in Caldera Open Unix 8.0 and UnixWare 7.1.0 and 7.1.1 allows local users to gain privileges.

CVSS: 4.6 CWE: N/A View on NVD
2001-12-04
High

CVE-2001-0949

Buffer overflows in forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) Administration Server 3.3 through 4.2.1 allows remote attackers to execute arbitrary code via long argument…

CVSS: 7.5 CWE: N/A View on NVD
2001-12-03
Medium

CVE-2001-0945

Buffer overflow in Outlook Express 5.0 through 5.02 for Macintosh allows remote attackers to cause a denial of service via an e-mail message that contains a long line.

CVSS: 5.0 CWE: N/A View on NVD
2001-11-30
High

CVE-2001-0936

Buffer overflow in Frox transparent FTP proxy 0.6.6 and earlier, with the local caching method selected, allows remote FTP servers to run arbitrary code via a long response to an MDTM request.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2001-0941

Buffer overflow in dbsnmp in Oracle 8.0.6 through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable.

CVSS: 4.6 CWE: N/A View on NVD
2001-11-28
High

CVE-1999-1514

Buffer overflow in Celtech ExpressFS FTP server 2.x allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long USER command.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2001-0928

Buffer overflow in the permitted function of GNOME gtop daemon (libgtop_daemon) in libgtop 1.0.13 and earlier may allow remote attackers to execute arbitrary code via long authentication data.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2001-0932

Buffer overflow in Cooolsoft PowerFTP Server 2.03 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long command.

CVSS: 7.5 CWE: N/A View on NVD
2001-11-21
High

CVE-2001-0909

Buffer overflow in helpctr.exe program in Microsoft Help Center for Windows XP allows remote attackers to execute arbitrary code via a long hcp: URL.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2001-0916

Buffer overflow in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via a long check argument of a shell definition.

CVSS: 7.2 CWE: N/A View on NVD
2001-11-18
High

CVE-2001-1228

Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server.

CVSS: 7.5 CWE: N/A View on NVD
2001-11-12
Medium

CVE-2001-1429

Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted text file.

CVSS: 4.6 CWE: N/A View on NVD
2001-10-30
Medium

CVE-2001-0728

Buffer overflow in Compaq Management Agents before 5.2, included in Compaq Web-enabled Management Software, allows local users to gain privileges.

CVSS: 4.6 CWE: N/A View on NVD
2001-10-18
High

CVE-2001-0735

Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file.

CVSS: 7.2 CWE: N/A View on NVD