Vulnerabilities > Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-07-31 | CVE-2014-3554 | Classic Buffer Overflow vulnerability in Libndp Buffer overflow in the ndp_msg_opt_dnssl_domain function in libndp allows remote routers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS Search List (DNSSL) in an IPv6 router advertisement. | 6.8 |
2014-04-30 | CVE-2014-1524 | Classic Buffer Overflow vulnerability in multiple products The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object. | 7.5 |
2014-03-19 | CVE-2014-1509 | Classic Buffer Overflow vulnerability in Mozilla products Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document. | 6.8 |
2013-10-04 | CVE-2013-4344 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command. | 7.2 |
2013-06-12 | CVE-2013-1331 | Classic Buffer Overflow vulnerability in Microsoft Office 2003/2011 Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability." | 7.8 |
2013-02-14 | CVE-2013-0641 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute arbitrary code via a crafted PDF document, as exploited in the wild in February 2013. | 7.8 |
2013-01-13 | CVE-2013-0760 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document. | 9.3 |
2012-07-12 | CVE-2012-2763 | Classic Buffer Overflow vulnerability in Gimp Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server. | 7.5 |
2012-05-24 | CVE-2011-3353 | Classic Buffer Overflow vulnerability in Linux Kernel Buffer overflow in the fuse_notify_inval_entry function in fs/fuse/dev.c in the Linux kernel before 3.1 allows local users to cause a denial of service (BUG_ON and system crash) by leveraging the ability to mount a FUSE filesystem. | 5.5 |
2012-04-17 | CVE-2012-2089 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file. | 6.8 |