CVE-1999-0840
Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option.
All CVEs associated with "Buffer Overflow". Page 158/160 • 19109 CVEs.
A curated feed of “Buffer Overflow”-related CVEs appears below. We currently track 19109 CVEs for this tag (all time). In the last 365 days, 2728 were published. Average CVSS is 7.9 (all time; 8.0 over 365d), and 78% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-121 - Stack-based Buffer Overflow, CWE-122 - Heap-based Buffer Overflow.
In our taxonomy this topic maps to a HIGH impact class: common exploitation patterns for this weakness can lead to high impact. Use the filters below to sort by CVSS, risk and CWE, triage high-risk entries first, and validate exposure in your environment. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic.
Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type.
Buffer overflow in free internet chess server (FICS) program, xboard.
Buffer overflow in Linux su command gives root access to local users.
Buffer overflow in SCO su program allows local users to gain root access via a long username.
Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument…
Buffer overflow in Vermillion FTP Daemon VFTPD 1.23 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via several long CWD commands.
Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable.
Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word.
Buffer overflow in thttpd HTTP server before 2.04-31 allows remote attackers to execute arbitrary commands via a long date string, which is not properly handled by the tdate_parse function.
Buffer overflow in POP3 server of Admiral Systems EmailClub 1.05 allows remote attackers to execute arbitrary commands via a long "From" header in an e-mail message.
The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands.
Buffer overflow in BIND 8.2 via NXT records.
Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of service (crash) and possibly execute arbitrary commands via (1) a long PASS command in the POP3 service, (2) a long HELO command…
Buffer overflow in FTP server in QPC Software's QVT/Term Plus versions 4.2d and 4.3 and QVT/Net 4.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via…
Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname.
Vulnerability in StackGuard before 1.21 allows remote attackers to bypass the Random and Terminator Canary security mechanisms by using a non-linear attack which directly modifies a pointer to a retu…
Buffer overflow in IrfanView32 3.07 and earlier allows attackers to execute arbitrary commands via a long string after the "8BPS" image type in a Photo Shop image header.
Buffer overflow in FreeBSD seyon via HOME environmental variable, -emulator argument, -modems argument, or the GUI.
A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote attacker to execute arbitrary code by sending a long HELO command to the server.
A buffer overflow exists in the HELO command in Trend Micro Interscan VirusWall SMTP gateway 3.23/3.3 for NT, which may allow an attacker to execute arbitrary code.
Buffer overflow in RealNetworks RealServer administration utility allows remote attackers to execute arbitrary commands via a long username and password.
Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request.
Buffer overflow in faxalter in hylafax 4.0.2 allows local users to gain privileges via a long -m command line argument.
Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570.
Buffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username.
Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED tag.
Buffer overflow in uum program for Canna input system allows local users to gain root privileges.
Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.
Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag.
Buffer overflow in SCO UnixWare Xsco command via a long argument.
Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method.
Buffer overflow in Skyfull mail server via MAIL FROM command.
Buffer overflow in WFTPD FTP server allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories.
Buffer overflow in rpc.yppasswdd allows a local user to gain privileges via MD5 hash generation.
Buffer overflow in OmniHTTPd CGI program imagemap.exe allows remote attackers to execute commands.
Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges.
Buffer overflow in OpenLink 3.2 allows remote attackers to gain privileges via a long GET request to the web configurator.
Buffer overflow in Sambar Web Server 4.2.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request.
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file.
Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service or execute commands via a long username.
Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service via a long URL within a message.
Buffer overflow in Mediahouse Statistics Server allows remote attackers to execute commands.
Buffer overflow in w3-auth CGI program in miniSQL package allows remote attackers to execute arbitrary commands via an HTTP request with (1) a long URL, or (2) a long User-Agent MIME header.
Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument.
Buffer overflow in AIX ftpd in the libc library.
Buffer overflow in mutt mail client allows remote attackers to execute commands via malformed MIME messages.
Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, PDF.PdfCtrl.1) 1.3.188 for Acrobat Reader 4.0 allows remote attackers to execute arbitrary code via the pdf.setview method.
Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.ocx) allows a remote attacker to execute arbitrary commands via the methods (1) vAddNewsServer or (2) bIsNewsServerConfigured.
Buffer overflow in Registration Wizard ActiveX control (regwizc.dll, InvokeRegWizard) 3.0.0.0 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands.
Buffer overflow in sccw allows local users to gain root access via the HOME environmental variable.
Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker argument in programs such as nethack.
Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia backup product allows local users to obtain root access via a long HOME environmental variable.
Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field.
Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.
Buffer overflow in FuseMAIL POP service via long USER and PASS commands.
Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument.
Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to a buffer overflow attack in the MAIL FROM command that may allow a remote attacker to execute arbitrary code on the server.
Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable.
Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option.
A buffer overflow in TenFour TFS Gateway SMTP mail server 3.2 allows an attacker to crash the mail server and possibly execute arbitrary code by offering more than 128 bytes in a MAIL FROM string.
Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands.
Buffer overflow in INN inews program.
Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via long directory names.
Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories.
Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.
Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR.
Multiple buffer overflows in WindowMaker 0.52 through 0.60.0 allow attackers to cause a denial of service and possibly execute arbitrary commands by executing WindowMaker with a long program name (ar…
Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler.
Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument.
Buffer overflow in hybrid-6 IRC server commonly used on EFnet allows remote attackers to execute commands via m_invite invite option.
Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function.
Buffer overflow in ALMail32 POP3 client via From: or To: headers.
Buffer overflow in ToxSoft NextFTP client through CWD command.
Buffer overflow in Fujitsu Chocoa IRC client via IRC channel topics.
Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file.
Buffer overflow in Samba smbd program via a malformed message command.
Buffer overflow in AspUpload.dll in Persits Software AspUpload before 1.4.0.2 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument in the…
Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake.
Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x.
Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).
Buffer overflow in VMWare 1.0.1 for Linux via a long HOME environmental variable.
Buffer overflow in Xi Graphics Accelerated-X server allows local users to gain root access via a long display or query parameter.
Buffer overflows in Red Hat net-tools package.
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long…
Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name.
Buffer overflow in Internet Explorer 5 allows remote attackers to execute commands via a malformed Favorites icon.
Buffer overflow in the pop-2d POP daemon in the IMAP package allows remote attackers to gain privileges via the FOLD command.
Buffer overflow in SmartDesk WebSuite allows remote attackers to cause a denial of service via a long URL.
Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.
Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.
Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD commands.
Buffer overflow in Solaris lpset program allows local users to gain root access.
Buffer overflow in Solaris dtprintinfo program.
Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters.
Buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote attackers to execute arbitrary commands via a long subject line.
Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file.
Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument.
The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access.
Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root access.
Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL.
Netmanager Chameleon SMTPd has several buffer overflows that cause a crash.
A buffer overflow in the SGI X server allows local users to gain root access through the X server font path.
Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 8181.
super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access.
Buffer overflow in OpenBSD ping.
Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service.
Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege.
Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service.
A buffer overflow in lsof allows local users to obtain root privilege.
Buffer overflow in Tetrix TetriNet daemon 1.13.16 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by connecting to port 31457 from a host with a long DNS…
Buffer overflow in webd in Network Flight Recorder (NFR) 2.0.2-Research allows remote attackers to execute commands.
Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution.
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise.
Digital Unix 4.0 has a buffer overflow in the inc program of the mh package.