Total
373 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-2950 | 1 Php | 1 Php | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Format string vulnerability in stream.c in the phar extension in PHP 5.3.x through 5.3.3 allows context-dependent attackers to obtain sensitive information (memory contents) and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the phar_stream_flush function, leading to errors in the php_stream_wrapper_log_error function. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2094.
|
|||||
| CVE-2010-0388 | 1 Sun | 1 Java System Web Server | 2025-04-11 | 7.5 HIGH | N/A |
|
Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in the encoding attribute of the XML declaration in a PROPFIND request.
|
|||||
| CVE-2012-2090 | 2 Flightgear, Simgear | 2 Flightgear, Simgear | 2025-04-11 | 9.3 HIGH | N/A |
|
Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to (1) fgfs/flightgear/src/Cockpit/panel.cxx or (2) fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to simgear/simgear/scene/model/SGText.cxx.
|
|||||
| CVE-2007-4708 | 1 Apple | 1 Mac Os X | 2025-04-09 | 9.3 HIGH | N/A |
|
Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via the URL handler.
|
|||||
| CVE-2006-6751 | 1 Dxmsoft | 1 Xm Easy Personal Ftp Server | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Format string vulnerability in XM Easy Personal FTP Server 5.2.1 allows remote attackers to cause a denial of service (application crash) via format string specifiers in the USER command or certain other available or nonexistent commands. NOTE: It was later reported that 5.3.0 is also vulnerable.
|
|||||
| CVE-2009-0754 | 2 Apache, Php | 2 Apache, Php | 2025-04-09 | 2.1 LOW | N/A |
|
PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server.
|
|||||
| CVE-2007-0646 | 1 Apple | 3 Imovie, Mac Os X, Safari | 2025-04-09 | 7.1 HIGH | N/A |
|
Format string vulnerability in iMovie HD 6.0.3, and Safari in Apple Mac OS X 10.4 through 10.4.10, allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSRunCriticalAlertPanel Apple AppKit function.
|
|||||
| CVE-2007-1006 | 1 Ekiga | 1 Ekiga | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet.
|
|||||
| CVE-2007-0753 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 7.2 HIGH | N/A |
|
Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X 10.3.9 and 10.4.9 allows local users to execute arbitrary code via the -i parameter.
|
|||||
| CVE-2008-0989 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 6.9 MEDIUM | N/A |
|
Format string vulnerability in mDNSResponderHelper in Apple Mac OS X 10.5.2 allows local users to execute arbitrary code via format string specifiers in the local hostname.
|
|||||
| CVE-2007-3675 | 1 Kaspersky Lab | 1 Online Scanner | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple format string vulnerabilities in the kavwebscan.CKAVWebScan ActiveX control (kavwebscan.dll) in Kaspersky Online Scanner before 5.0.98 allow remote attackers to execute arbitrary code via format string specifiers in "various string formatting functions," which trigger heap-based buffer overflows.
|
|||||
| CVE-2009-2191 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 7.5 HIGH | N/A |
|
Format string vulnerability in Login Window in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in an application name.
|
|||||
| CVE-2008-0945 | 1 Ipswitch | 2 Imserver, Instant Messaging | 2025-04-09 | 3.5 LOW | N/A |
|
Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field.
|
|||||
| CVE-2007-4754 | 1 Cor Entertainment | 1 Alien Arena 2007 | 2025-04-09 | 7.5 HIGH | N/A |
|
Format string vulnerability in the safe_bprintf function in acesrc/acebot_cmds.c in Alien Arena 2007 6.10 and earlier allows remote attackers to cause a denial of service (daemon crash) via format string specifiers in a nickname.
|
|||||
| CVE-2008-7159 | 1 Silcnet | 1 Silc Toolkit | 2025-04-09 | 5.8 MEDIUM | N/A |
|
The silc_asn1_encoder function in lib/silcasn1/silcasn1_encode.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.8 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted OID value, related to incorrect use of a %lu format string.
|
|||||
| CVE-2008-7228 | 1 White Dune | 1 White Dune | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple format string vulnerabilities in White_Dune before 0.29beta851 have unspecified impact and attack vectors, a different vulnerability than CVE-2008-0101.
|
|||||
| CVE-2009-3275 | 1 Microsoft | 1 Enterprise Library | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Blocks/Common/Src/Configuration/Manageability/Adm/AdmContentBuilder.cs in Microsoft patterns & practices Enterprise Library (aka EntLib) allows context-dependent attackers to cause a denial of service (CPU consumption) via an input string composed of many \ (backslash) characters followed by a " (double quote), related to a certain regular expression, aka a "ReDoS" vulnerability.
|
|||||
| CVE-2008-7074 | 1 Memcode | 1 I.scribe | 2025-04-09 | 9.3 HIGH | N/A |
|
Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows remote SMTP servers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a server response, which is not properly handled "when displaying the signon message."
|
|||||
| CVE-2009-1210 | 1 Wireshark | 1 Wireshark | 2025-04-09 | 10.0 HIGH | N/A |
|
Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2009-3617 | 1 Tatsuhiro Tsujikawa | 1 Aria2 | 2025-04-09 | 7.6 HIGH | N/A |
|
Format string vulnerability in the AbstractCommand::onAbort function in src/AbstractCommand.cc in aria2 before 1.6.2, when logging is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a download URI. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2007-2027 | 1 Elinks | 1 Elinks | 2025-04-09 | 4.4 MEDIUM | N/A |
|
Untrusted search path vulnerability in the add_filename_to_string function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to use an untrusted gettext message catalog (.po file) in a "../po" directory, which can be leveraged to conduct format string attacks.
|
|||||
| CVE-2007-4550 | 1 Altools | 1 Alpass | 2025-04-09 | 5.1 MEDIUM | N/A |
|
Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an fnm field in a folder-name record in an ALPASS DB (APW) file.
|
|||||
| CVE-2008-0963 | 1 Emc | 1 Diskxtender | 2025-04-09 | 9.0 HIGH | N/A |
|
Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted message to the RPC interface.
|
|||||
| CVE-2009-1262 | 1 Fortinet | 1 Forticlient | 2025-04-09 | 7.2 HIGH | N/A |
|
Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name.
|
|||||
| CVE-2008-1333 | 1 Asterisk | 1 Open Source | 2025-04-09 | 5.8 MEDIUM | N/A |
|
Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0-beta6 might allow remote attackers to execute arbitrary code via logging messages that are not properly handled by (1) the ast_verbose logging API call, or (2) the astman_append function.
|
|||||
| CVE-2009-1886 | 1 Samba | 1 Samba | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename.
|
|||||
| CVE-2006-6772 | 1 W3m | 1 W3m | 2025-04-09 | 9.3 HIGH | N/A |
|
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name (CN) field of an SSL certificate associated with an https URL.
|
|||||
| CVE-2007-5825 | 1 Firefly | 1 Media Server | 2025-04-09 | 7.5 HIGH | N/A |
|
Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or (2) password portion of base64-encoded data on the "Authorization: Basic" HTTP header line.
|
|||||
| CVE-2009-0538 | 1 Symantec | 1 Pcanywhere | 2025-04-09 | 4.6 MEDIUM | N/A |
|
Format string vulnerability in Symantec pcAnywhere before 12.5 SP1 allows local users to read and modify arbitrary memory locations, and cause a denial of service (application crash) or possibly have unspecified other impact, via format string specifiers in the pathname of a remote control file (aka .CHF file).
|
|||||
| CVE-2007-5248 | 2 Id Software, Take2games | 3 Doom 3, Quake 4, Prey | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple format string vulnerabilities in the ID Software Doom 3 engine, as used by Doom 3 1.3.1 and earlier, Quake 4 1.4.2 and earlier, and Prey 1.3 and earlier, when Punkbuster (PB) is enabled, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in (1) a PB_Y packet to the YPG server or (2) a PB_U packet to UCON. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain.
|
|||||
| CVE-2007-5262 | 1 Battlefront | 1 Dropteam | 2025-04-09 | 7.5 HIGH | N/A |
|
Multiple format string vulnerabilities in Battlefront Dropteam 1.3.3 and earlier allow remote attackers to execute arbitrary code via format string specifiers in the (1) username, (2) password, and (3) nickname fields in a "0x01" packet.
|
|||||
| CVE-2008-3963 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-09 | 4.0 MEDIUM | N/A |
|
MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.
|
|||||
| CVE-2008-1055 | 1 Netwin | 2 Surgemail, Webmail | 2025-04-09 | 7.5 HIGH | N/A |
|
Format string vulnerability in webmail.exe in NetWin SurgeMail 38k4 and earlier and beta 39a, and WebMail 3.1s and earlier, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in the page parameter.
|
|||||
| CVE-2007-4273 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | 4.6 MEDIUM | N/A |
|
IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE environment variable in db2licd (db2licm).
|
|||||
| CVE-2008-3940 | 1 Hp | 1 Openvms | 2025-04-09 | 4.4 MEDIUM | N/A |
|
Format string vulnerability in the finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to gain privileges via format string specifiers in a (1) .plan or (2) .project file.
|
|||||
| CVE-2008-0072 | 2 Gnome, Linux | 2 Evolution, Linux Kernel | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution 2.12.3 and earlier allows remote attackers to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field.
|
|||||
| CVE-2007-0051 | 1 Apple | 1 Iphoto | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Format string vulnerability in Apple iPhoto 6.0.5 (316), and other versions before 6.0.6, allows remote user-assisted attackers to execute arbitrary code via a crafted photocast with format string specifiers in the title of an RSS iPhoto feed.
|
|||||
| CVE-2007-0017 | 1 Videolan | 1 Vlc Media Player | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Multiple format string vulnerabilities in (1) the cdio_log_handler function in modules/access/cdda/access.c in the CDDA (libcdda_plugin) plugin, and the (2) cdio_log_handler and (3) vcd_log_handler functions in modules/access/vcdx/access.c in the VCDX (libvcdx_plugin) plugin, in VideoLAN VLC 0.7.0 through 0.8.6 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an invalid URI, as demonstrated by a udp://-- URI in an M3U file.
|
|||||
| CVE-2007-3880 | 1 Sun | 2 Net Connect Software, Sunos | 2025-04-09 | 7.2 HIGH | N/A |
|
Format string vulnerability in srsexec in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core (SUNWsrspx) package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog.
|
|||||
| CVE-2009-3294 | 2 Microsoft, Php | 4 Windows 7, Windows Server 2008, Windows Xp and 1 more | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The popen API function in TSRM/tsrm_win32.c in PHP before 5.2.11 and 5.3.x before 5.3.1, when running on certain Windows operating systems, allows context-dependent attackers to cause a denial of service (crash) via a crafted (1) "e" or (2) "er" string in the second argument (aka mode), possibly related to the _fdopen function in the Microsoft C runtime library. NOTE: this might not cross privilege boundaries except in rare cases in which the mode argument is accessible to an attacker outside of ...
Show More |
|||||