CWE-120
High likelihoodBuffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Parent: CWE-787 - Out-of-bounds Write
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
4,106 vulnerabilities with CWE-120
CVE-2013-1592
CRITICAL
SAP Netweaver - Buffer Overflow
CVSS 9.8
CVE-2013-4357
HIGH
Eglibc < 2.14 - Buffer Overflow
CVSS 7.5
CVE-2013-4743
CRITICAL
Static HTTP Server 1.0 - Buffer Overflow
CVSS 9.8
CVE-2013-7088
CRITICAL
ClamAV <0.97.7 - Buffer Overflow
CVSS 9.8
CVE-2013-2075
HIGH
Call-cc Chicken < 4.8.0.3 - Buffer Overflow
CVSS 8.8
CVE-2013-4344
Qemu < 1.6.2 - Buffer Overflow
CVE-2013-1331
HIGH
KEV
Microsoft Office <2011 - RCE
CVSS 7.8
CVE-2013-0894
FFmpeg <1.1.3 - Buffer Overflow
CVE-2013-0641
HIGH
KEV
Adobe Reader/Acrobat <9.5.4-10.1.6-11.0.02 - RCE
CVSS 7.8
CVE-2013-0760
Mozilla Firefox <18.0, Thunderbird <17.0.2, SeaMonkey <2.15 - RCE
CVE-2012-10035
CRITICAL
Turbo FTP Server <1.30.823-1.30.826 - Buffer Overflow
CVE-2012-3407
HIGH
Plow - Buffer Overflow
CVSS 7.8
CVE-2012-6122
HIGH
Call-cc Chicken < 4.8.0.1 - Buffer Overflow
CVSS 7.5
CVE-2012-6075
Qemu < 1.3.0 - Buffer Overflow
CVE-2012-2763
GIMP <2.6.12-2.6.13 - RCE
CVE-2012-2089
F5 Nginx < 1.0.14 - Buffer Overflow
CVE-2011-10025
HIGH
Subtitle Processor 7.7.1 - Buffer Overflow
CVE-2011-10022
HIGH
SPlayer <3.7 - Buffer Overflow
CVE-2011-10005
MEDIUM
Easyftp Server - Buffer Overflow
CVSS 6.3
CVE-2011-1145
HIGH
Unixodbc < 2.2.14 - Buffer Overflow
CVSS 7.8
CVE-2011-3353
MEDIUM
Linux Kernel < 3.1 - Buffer Overflow
CVSS 5.5
CVE-2011-3033
Google Chrome < 17.0.963.65 - Buffer Overflow
CVE-2011-3959
Google Chrome <17.0.963.46 - Buffer Overflow
CVE-2011-4862
GNU Inetutils < 1.9 - Buffer Overflow
CVE-2011-3915
Google Chrome <16.0.912.63 - DoS
Details
Vulnerabilities
4,106
Exploit Likelihood
High