CVE-2022-47949

CRITICAL Year: 2022
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-120
View all →

Vulnerability Description

The Nintendo NetworkBuffer class, as used in Animal Crossing: New Horizons before 2.0.6 and other products, allows remote attackers to execute arbitrary code via a large UDP packet that causes a buffer overflow, aka ENLBufferPwn. The victim must join a game session with the attacker. Other affected products include Mario Kart 7 before 1.2, Mario Kart 8, Mario Kart 8 Deluxe before 2.1.0, ARMS before 5.4.1, Splatoon, Splatoon 2 before 5.5.1, Splatoon 3 before late 2022, Super Mario Maker 2 before 3.0.2, and Nintendo Switch Sports before late 2022.

Related Vulnerabilities

CVE-2006-6024

CRITICAL
CVSS:9.8(Critical)

Multiple buffer overflows in Eudora Worldmail, possibly Worldmail 3 version 6.1.22.0, have unknown impact and attack vectors, as demonstrated by the (1) "Eudora WorldMail stack overflow" and (2) "Eudo...

CWE-1202006

CVE-2009-0948

CRITICAL
CVSS:9.8(Critical)

Multiple buffer overflows in the (1) cdf_read_sat, (2) cdf_read_long_sector_chain, and (3) cdf_read_ssat function in file before 5.02.

CWE-1202009

CVE-2009-5041

CRITICAL
CVSS:9.8(Critical)

overkill has buffer overflow via long player names that can corrupt data on the server machine

CWE-1202009

CVE-2010-1205

CRITICAL
CVSS:9.8(Critical)

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers ...

CWE-1202010

CVE-2010-5333

CRITICAL
CVSS:9.8(Critical)

The web server in Integard Pro and Home before 2.0.0.9037 and 2.2.x before 2.2.0.9037 has a buffer overflow via a long password in an administration login POST request, leading to arbitrary code execu...

CWE-1202010