Vulnerabilities > Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-09-08 | CVE-2010-2492 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors. | 7.8 |
| 2010-06-30 | CVE-2010-1205 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. | 9.8 |
| 2009-01-20 | CVE-2009-0182 | Classic Buffer Overflow vulnerability in Vuplayer Buffer overflow in VUPlayer 2.49 and earlier allows user-assisted attackers to execute arbitrary code via a long URL in a File line in a .pls file, as demonstrated by an http URL on a File1 line. | 8.8 |
| 2008-08-12 | CVE-2008-3275 | Classic Buffer Overflow vulnerability in multiple products The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories. | 5.5 |
| 2008-02-12 | CVE-2007-5659 | Classic Buffer Overflow vulnerability in Adobe Acrobat Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. | 7.8 |
| 2006-05-20 | CVE-2006-2492 | Classic Buffer Overflow vulnerability in Microsoft Office and Works Suite Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object pointer, as originally reported by ISC on 20060519 for a zero-day attack. | 8.8 |
| 2004-08-06 | CVE-2004-0210 | Classic Buffer Overflow vulnerability in Microsoft Interix, Windows 2000 and Windows NT The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow. | 7.8 |
| 2002-10-11 | CVE-2002-0969 | Classic Buffer Overflow vulnerability in Oracle Mysql Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group. | 7.8 |