Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-2251 | Buffer Errors vulnerability in Marcos Luiz Onisto LIB CGI 0.1 Buffer overflow in the changevalue function in libcgi.h for Marcos Luiz Onisto Lib CGI 0.1 allows remote attackers to execute arbitrary code via a long argument. | 10.0 |
| 2002-12-31 | CVE-2002-2250 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Sybase Adaptive Server 12.0/12.5 Multiple buffer overflows in Sybase Adaptive Server 12.0 and 12.5 allow remote attackers to execute arbitrary code via (1) a long parameter to the xp_freedll extended stored procedure or (2) a long database name argument to the DBCC CHECKVERIFY function. | 10.0 |
| 2002-12-31 | CVE-2002-2248 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Netscape Communicator Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method. | 10.0 |
| 2002-12-31 | CVE-2002-2232 | Buffer Errors vulnerability in Mollensoft Software Enceladus Server Suite 3.9 Buffer overflow in Enceladus Server Suite 3.9 allows remote attackers to execute arbitrary code via a long CD (CWD) command. | 8.5 |
| 2002-12-31 | CVE-2002-2226 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Tftpd32 Buffer overflow in tftpd of TFTP32 2.21 and earlier allows remote attackers to execute arbitrary code via a long filename argument. | 7.5 |
| 2002-12-31 | CVE-2002-2196 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Samba Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack. | 7.5 |
| 2002-12-23 | CVE-2002-1365 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Fetchmail Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses. | 7.5 |
| 2002-12-23 | CVE-2002-1357 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. network low complexity cisco fissh intersoft netcomposite pragma-systems putty winscp CWE-119 critical | 10.0 |
| 2002-10-28 | CVE-2002-1222 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Catos Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request. | 7.1 |
| 2002-10-28 | CVE-2002-1200 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Oneidentity Syslog-Ng Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote attackers to cause a denial of service and possibly execute arbitrary code. | 7.5 |