VYPR

CWE-134

Use of Externally-Controlled Format String

BaseDraftLikelihood: High

Description

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-135 · CAPEC-67

CVEs mapped to this weakness (252)

page 13 of 13
  • CVE-2006-1840Apr 19, 2006
    risk 0.00cvss epss 0.01

    Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a denial of service (crash) via the (1) load, (2) spy and (3) bomb functions.

  • CVE-2006-0743Mar 9, 2006
    risk 0.00cvss epss 0.06

    Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service (memory corruption and termination) via unknown vectors.

  • CVE-2006-0771Feb 18, 2006
    risk 0.00cvss epss 0.03

    Format string vulnerability in PunkBuster 1.180 and earlier, as used by Soldier of Fortune II and possibly other games, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in invalid cvar values,…

  • CVE-2006-0150Jan 9, 2006
    risk 0.00cvss epss 0.05

    Multiple format string vulnerabilities in the auth_ldap_log_reason function in Apache auth_ldap 1.6.0 and earlier allows remote attackers to execute arbitrary code via various vectors, including the username.

  • CVE-2006-0082Jan 4, 2006
    risk 0.00cvss epss 0.04

    Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as…

  • CVE-2005-3154Oct 5, 2005
    risk 0.00cvss epss 0.04

    Format string vulnerability in the logging functionality in BitDefender AntiVirus 7.2 through 9 allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in file or directory name.

  • CVE-2005-1122Apr 14, 2005
    risk 0.00cvss epss 0.03

    Format string vulnerability in cgi.c for Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP GET request containing double-encoded format string specifiers (aka "double expansion error").

  • CVE-2004-2714Dec 31, 2004
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Window Maker 0.80.2 and earlier allows attackers to perform unknown actions via format string specifiers in a font specification in WMGLOBAL, probably a format string vulnerability.

  • CVE-2004-2386Dec 31, 2004
    risk 0.00cvss epss 0.03

    Format string vulnerability in the LogMsg function in sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code via format string specifiers passed from the HandleCPCCommand function.

  • CVE-2004-1628Oct 23, 2004
    risk 0.00cvss epss 0.05

    Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to execute arbitrary code.

  • CVE-2003-0738Oct 20, 2003
    risk 0.00cvss epss 0.01

    The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to cause a denial of service (crash) via a long year parameter.

  • CVE-2002-0159Apr 22, 2002
    risk 0.00cvss epss 0.05

    Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to crash the CSADMIN module only (denial of service of administration function) or…