2 matches found
Fortinet FortiClient Crafted VPN Connection Name Handling Local Format String
FortiClient, a client-based software solution intended to provide security features for enterprise computers and mobile devices, is installed on the remote Windows host. The installed version does not properly handle format string specifiers within a VPN connection name. A local user may be able ...
CVE-2009-1262
Fortinet FortiClient 3.0.614 (and possibly earlier) contains a local format-string vulnerability in the handling of VPN connection names. The flaw allows a local user to read and write arbitrary memory with SYSTEM privileges by supplying crafted format specifiers, enabling code execution under SY...