Vulnerabilities > Incorrect Calculation of Buffer Size

DATE CVE VULNERABILITY TITLE RISK
2017-05-12 CVE-2017-0620 Incorrect Calculation of Buffer Size vulnerability in multiple products
An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
local
high complexity
linux google CWE-131
7.0
2017-04-12 CVE-2017-0166 Incorrect Calculation of Buffer Size vulnerability in Microsoft products
An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated.
network
high complexity
microsoft CWE-131
8.1
2017-04-07 CVE-2017-0569 Incorrect Calculation of Buffer Size vulnerability in Linux Kernel 3.10/3.18
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
local
high complexity
linux CWE-131
7.0
2008-05-05 CVE-2008-0599 Incorrect Calculation of Buffer Size vulnerability in multiple products
The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.
network
low complexity
php fedoraproject canonical apple CWE-131
critical
9.8
2005-10-17 CVE-2005-3120 Incorrect Calculation of Buffer Size vulnerability in multiple products
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
network
low complexity
invisible-island debian CWE-131
critical
9.8
2005-08-16 CVE-2005-2103 Incorrect Calculation of Buffer Size vulnerability in Gaim Project Gaim 0.75
Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n.
network
low complexity
gaim-project CWE-131
critical
9.8
2005-05-02 CVE-2005-0490 Incorrect Calculation of Buffer Size vulnerability in Haxx Curl and Libcurl
Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not properly handled by (1) the Curl_input_ntlm function in http_ntlm.c during NTLM authentication or (2) the Curl_krb_kauth and krb4_auth functions in krb4.c during Kerberos authentication.
network
low complexity
haxx CWE-131
8.8
2005-02-09 CVE-2004-0940 Incorrect Calculation of Buffer Size vulnerability in multiple products
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
local
low complexity
openpkg apache slackware hp suse trustix CWE-131
7.8
2004-10-20 CVE-2004-0747 Incorrect Calculation of Buffer Size vulnerability in Apache Http Server
Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.
local
low complexity
apache CWE-131
7.8
2004-08-04 CVE-2004-1363 Incorrect Calculation of Buffer Size vulnerability in Oracle products
Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed.
network
low complexity
oracle CWE-131
critical
9.8