Unrated severityNVD Advisory· Published Apr 7, 2009· Updated Jun 16, 2026
CVE-2009-1262
CVE-2009-1262
Description
Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name.
Affected products
2cpe:2.3:h:fortinet:forticlient:3.0.614:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:fortinet:forticlient:3.0.614:*:*:*:*:*:*:*
- (no CPE)range: <=3.0.614
Patches
Vulnerability mechanics
References
10- secunia.com/advisories/34524nvdVendor Advisory
- www.vupen.com/english/advisories/2009/0941nvdVendor Advisory
- lists.grok.org.uk/pipermail/full-disclosure/2009-April/068583.htmlnvd
- osvdb.org/53266nvd
- www.layereddefense.com/FortiClient02Apr.htmlnvd
- www.securityfocus.com/archive/1/502354/100/0/threadednvd
- www.securityfocus.com/archive/1/502602/100/0/threadednvd
- www.securityfocus.com/bid/34343nvd
- www.securitytracker.com/idnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/49633nvd
News mentions
0No linked articles in our index yet.