CWE-193

Off-by-one Error

Parent: CWE-682 - Incorrect Calculation

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

198 vulnerabilities with CWE-193
CVE-2008-3964
libpng <1.2.32beta01, 1.4 <1.4.0beta34 - DoS
CVE-2008-3535
Linux Kernel < 2.6.27 - Denial of Service via iov_iter_advance Off-by-one Error
CVE-2007-2052
Python 2.4 and 2.5 - Off-by-one Error in PyLocale_strxfrm
CVE-2006-10003 CRITICAL
Perl XML::Parser <=2.47 st_serial_stack - Off-by-One Heap Buffer Overflow
CVSS 9.8
CVE-2006-4574 HIGH
Wireshark 0.10.1-0.99.3 - Denial of Service via MIME Multipart Dissector Off-by-one Error
CVSS 7.5
CVE-2005-1268
Apache HTTP Server 2.0.35-2.0.53 - Denial of Service via CRL Verification Buffer Overflow
CVE-2004-0342 MEDIUM
WFTPD Pro Server 3.21 Release 1 - DoS
CVSS 5.5
CVE-2004-0346 HIGH
ProFTPD <1.2.9rc2p - Buffer Overflow
CVSS 7.8
CVE-2004-0005 CRITICAL
Gaim 0.75 - Multiple Buffer Overflows via Yahoo and MIME Decoders
CVSS 9.8
CVE-2003-0466 CRITICAL
wu-ftpd 2.5.0-2.6.2 - Remote Code Execution via fb_realpath Off-by-one Error
CVSS 9.8
CVE-2003-0625 HIGH
hadrons xfstt < 1.5.1 - Off-by-one Error via Malformed Client Request
CVSS 7.5
CVE-2003-0252 CRITICAL
nfs-utils < 1.0.4 - Denial of Service and Possible Remote Code Execution via xlog Function
CVSS 9.8
CVE-2003-0356 CRITICAL
Ethereal <0.9.11 - DoS/Arbitrary Code Execution
CVSS 9.8
CVE-2002-1721 HIGH
altermime 0.1.10 and 0.1.11 - Denial of Service via x-header Off-by-one Error
CVSS 7.5
CVE-2002-1745 HIGH
Microsoft IIS 5.0 - Info Disclosure
CVSS 7.5
CVE-2002-1816 CRITICAL
atphttpd < 0.4b - Remote Code Execution via Long HTTP GET Request
CVSS 9.8
CVE-2002-0844 HIGH
CVSD < 1.11.2 - Local Arbitrary Code Execution via PreservePermissions Off-by-one Overflow
CVSS 7.8
CVE-2002-0653 HIGH
mod_ssl < 2.8.9 - Off-by-one Buffer Overflow in ssl_compat_directive
CVSS 7.8
CVE-2002-0083 CRITICAL
OpenSSH <3.0.2 - Privilege Escalation
CVSS 9.8
CVE-2001-1496 CRITICAL
Acme Labs thttpd <2.20 - Buffer Overflow
CVSS 9.8
CVE-2001-0609 CRITICAL
Infodrom cfingerd <1.4.3 - Privilege Escalation
CVSS 9.8
CVE-2001-1391 MEDIUM
Linux kernel <2.2.19 - Memory Corruption
CVSS 5.5
CVE-1999-1568 HIGH
ncftpd_server < 2.4.1 - Denial of Service via Long PORT Command
CVSS 7.5
Details
Vulnerabilities 198
Links
MITRE CWE Entry Search this CWE With Exploits