Vulnerabilities > Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-06 | CVE-2004-0455 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql. | 7.2 |
2004-08-06 | CVE-2004-0210 | Classic Buffer Overflow vulnerability in Microsoft Interix, Windows 2000 and Windows NT The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow. | 7.8 |
2003-12-31 | CVE-2003-1388 | Classic Buffer Overflow vulnerability in Opera Browser 7.02 Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to crash Opera via a long HTTP request ending in a .ZIP extension. | 9.3 |
2003-12-31 | CVE-2003-1387 | Classic Buffer Overflow vulnerability in Opera Browser 6.05/6.06/7.0 Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, allows remote attackers to execute arbitrary code via a URL with a long username. | 7.5 |
2003-12-31 | CVE-2003-1228 | Classic Buffer Overflow vulnerability in Mathopd Buffer overflow in the prepare_reply function in request.c for Mathopd 1.2 through 1.5b13, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via an HTTP request with a long path. | 7.5 |
2003-12-15 | CVE-2003-0947 | Classic Buffer Overflow vulnerability in Wireless Tools Project Wireless Tools Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable. | 7.2 |
2003-06-09 | CVE-2003-0358 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option. | 4.6 |
2002-10-11 | CVE-2002-0969 | Classic Buffer Overflow vulnerability in Oracle Mysql Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group. | 7.8 |
2001-08-14 | CVE-2001-0554 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. | 10.0 |
2001-05-16 | CVE-2001-1323 | Classic Buffer Overflow vulnerability in MIT Kerberos 5 Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via base-64 encoded data, which is not properly handled when the radix_encode function processes file glob output from the ftpglob function. | 7.5 |