Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,201)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2003-0947 1Wireless Tools Project 1Wireless Tools Apr 16, 2026 Dec 15, 2003 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable.
CVE-2003-0595 1Terascript 1Wintango Application Server Apr 16, 2026 Aug 27, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in WiTango Application Server and Tango 2000 allows remote attackers to execute arbitrary code via a long cookie to Witango_UserReference.
CVE-2003-0358 3Debian Falconseye ProjectNethack 3Debian Linux FalconseyeNethack Apr 16, 2026 Jun 9, 2003 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.
CVE-2002-1337 7Gentoo HpNetbsd+4 more 9Alphaserver Sc BsdosHp Ux+6 more Apr 16, 2026 Mar 7, 2003 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of...Show more Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.Show less
CVE-2002-0969 1Oracle 1Mysql Apr 16, 2026 Oct 11, 2002 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, who...Show more Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.Show less
CVE-2002-0698 1Microsoft 1Exchange Server Apr 16, 2026 Aug 12, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 allows remote attackers to execute arbitrary code via an EHLO request from a system with a long name as obtained through a reverse DNS lo...Show more Buffer overflow in Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 allows remote attackers to execute arbitrary code via an EHLO request from a system with a long name as obtained through a reverse DNS lookup, which triggers the overflow in IMC's hello response.Show less
CVE-2002-0062 5Debian FreebsdGnu+2 more 5Debian Linux FreebsdLinux+2 more Apr 16, 2026 Mar 8, 2002 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."
CVE-2001-0554 9Debian FreebsdIbm+6 more 11Aix Debian LinuxFreebsd+8 more Apr 16, 2026 Aug 14, 2001 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by t...Show more Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.Show less
CVE-2001-1323 1Mit 1Kerberos 5 Apr 16, 2026 May 16, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via base-64 encoded data, which is not properly handled when the radix_e...Show more Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via base-64 encoded data, which is not properly handled when the radix_encode function processes file glob output from the ftpglob function.Show less
CVE-2001-0191 1Andynorman 1Gnuserv Apr 16, 2026 May 3, 2001 N/A· v4 N/A· v3 10.0 HIGH· v2 gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or bru...Show more gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length.Show less
CVE-1999-0945 1Microsoft 1Exchange Server Apr 16, 2026 Mar 12, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote attackers to conduct a denial of service via AUTH or AUTHINFO commands.
CVE-2000-1094 1Aol 1Aim Apr 16, 2026 Jan 9, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows remote attackers to execute arbitrary commands via a "buddyicon" command with a long "src" argument.
CVE-2000-0548 3Cygnus Network Security Project Kerbnet ProjectMit 4Cygnus Network Security KerberosKerberos 5+1 more Apr 16, 2026 Jun 9, 2000 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function.
CVE-2000-0547 3Cygnus Network Security Project Kerbnet ProjectMit 4Cygnus Network Security KerberosKerberos 5+1 more Apr 16, 2026 Jun 9, 2000 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the localrealm variable in the process_v4 function.
CVE-2000-0546 3Cygnus Network Security Project Kerbnet ProjectMit 4Cygnus Network Security KerberosKerberos 5+1 more Apr 16, 2026 Jun 9, 2000 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function.
CVE-2000-1216 1Ibm 1Aix Apr 16, 2026 Jan 27, 2000 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt lock files and gain root privileges via the echo_error routine.
CVE-1999-1237 1Apache 1Http Server Apr 16, 2026 Jun 6, 1999 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long...Show more Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods.Show less
CVE-1999-0385 1Microsoft 1Exchange Server Apr 16, 2026 Dec 1, 1998 N/A· v4 N/A· v3 10.0 HIGH· v2 The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands.
CVE-1999-0284 2Ibm Microsoft 2Exchange Server Lotus Domino Mail Server Apr 16, 2026 Jan 1, 1998 N/A· v4 N/A· v3 7.5 HIGH· v2 Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command.
CVE-1999-0038 7Bsdi Data GeneralDebian+4 more 8Aix Bsd OsDebian Linux+5 more Apr 16, 2026 Apr 26, 1997 N/A· v4 8.4 HIGH· v3 7.2 HIGH· v2 Buffer overflow in xlock program allows local users to execute commands as root.

Previous 1...207 208 209210211 Next