VYPR

CWE-134

Use of Externally-Controlled Format String

BaseDraftLikelihood: High

Description

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-135 · CAPEC-67

CVEs mapped to this weakness (252)

page 9 of 13
  • CVE-2013-1886Jan 24, 2014
    risk 0.00cvss epss 0.02

    Format string vulnerability in the token processing system (pki-tps) in Red Hat Certificate System (RHCS) 8.1 and possibly Dogtag Certificate System 9 and 10 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via format…

  • CVE-2013-6809Dec 13, 2013
    risk 0.00cvss epss 0.03

    Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field.

  • CVE-2013-4389Oct 17, 2013
    risk 0.00cvss epss 0.03

    Multiple format string vulnerabilities in log_subscriber.rb files in the log subscriber component in Action Mailer in Ruby on Rails 3.x before 3.2.15 allow remote attackers to cause a denial of service via a crafted e-mail address that is improperly handled during construction…

  • CVE-2013-4258Oct 9, 2013
    risk 0.00cvss epss 0.04

    Format string vulnerability in the osLogMsg function in server/os/aulog.c in Network Audio System (NAS) 1.9.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in unspecified vectors, related to syslog.

  • CVE-2013-2852Jun 7, 2013
    risk 0.00cvss epss 0.01

    Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an…

  • CVE-2013-2851Jun 7, 2013
    risk 0.00cvss epss 0.00

    Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a…

  • CVE-2013-3560May 25, 2013
    risk 0.00cvss epss 0.02

    The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

  • CVE-2013-0929Jan 21, 2013
    risk 0.00cvss epss 0.03

    Format string vulnerability in the _vsnsprintf function in rrobotd.exe in the Device Manager in EMC AlphaStor 4.0 before build 800 allows remote attackers to execute arbitrary code via format string specifiers in a command.

  • CVE-2012-4426Nov 21, 2012
    risk 0.00cvss epss 0.05

    Multiple format string vulnerabilities in mcrypt 2.6.8 and earlier might allow user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving (1) errors.c or (2) mcrypt.c.

  • CVE-2012-1152Sep 9, 2012
    risk 0.00cvss epss 0.02

    Multiple format string vulnerabilities in the error reporting functionality in the YAML::LibYAML (aka YAML-LibYAML and perl-YAML-LibYAML) module 0.38 for Perl allow remote attackers to cause a denial of service (process crash) via format string specifiers in a (1) YAML stream to…

  • CVE-2012-1151Sep 9, 2012
    risk 0.00cvss epss 0.03

    Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the…

  • CVE-2012-2090Jun 17, 2012
    risk 0.00cvss epss 0.06

    Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml…

  • CVE-2012-2369May 23, 2012
    risk 0.00cvss epss 0.04

    Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 3.2.1 for Pidgin might allow remote attackers to execute arbitrary code via format string specifiers in data that generates a log message.

  • CVE-2012-0646Mar 8, 2012
    risk 0.00cvss epss 0.05

    Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitrary code via a crafted racoon configuration file.

  • CVE-2011-4357Dec 10, 2011
    risk 0.00cvss epss 0.03

    Format string vulnerability in the p_cgi_error function in python/neo_cgi.c in the Python CGI Kit (neo_cgi) module for Clearsilver 0.10.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers…

  • CVE-2011-0185Oct 14, 2011
    risk 0.00cvss epss 0.00

    Format string vulnerability in the debug-logging feature in Application Firewall in Apple Mac OS X before 10.7.2 allows local users to gain privileges via a crafted name of an executable file.

  • CVE-2011-1764Oct 5, 2011
    risk 0.00cvss epss 0.04

    Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by…

  • CVE-2011-2475Jun 9, 2011
    risk 0.00cvss epss 0.04

    Format string vulnerability in ECTrace.dll in the iMailGateway service in the Internet Mail Gateway in OneBridge Server and DMZ Proxy in Sybase OneBridge Mobile Data Suite 5.5 and 5.6 allows remote attackers to execute arbitrary code via format string specifiers in unspecified…

  • CVE-2010-4235Apr 4, 2011
    risk 0.00cvss epss 0.04

    Format string vulnerability in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via vectors related to the x-wap-profile HTTP header.

  • CVE-2011-0173Mar 23, 2011
    risk 0.00cvss epss 0.02

    Multiple format string vulnerabilities in AppleScript in Apple Mac OS X before 10.6.7 allow context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) display dialog or (2) display alert command in…