CVE-2014-9157

Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string...

CVE-2014-1315

Format string vulnerability in CoreServicesUIAgent in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via format string specifiers in a URL...

CVE-2013-1886

Format string vulnerability in the token processing system pki-tps in Red Hat Certificate System RHCS 8.1 and possibly Dogtag Certificate System 9 and 10 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in...

Format string

Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service crash or possibly execute arbitrary code via format string specifiers in the Remote File field...

Format string

Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service crash via format string specifiers in a destination filename...

CVE-2011-1764

Format string vulnerability in the dkimeximverifyfinish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service daemon crash via format string specifiers in data used in DKIM logging, as demonstrated by an identity field...

CVE-2011-2475

Format string vulnerability in ECTrace.dll in the iMailGateway service in the Internet Mail Gateway in OneBridge Server and DMZ Proxy in Sybase OneBridge Mobile Data Suite 5.5 and 5.6 allows remote attackers to execute arbitrary code via format string specifiers in unspecified string fields,...

CVE-2010-0393

The cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with...

CVE-2009-0601

Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service application crash via format string specifiers in the HOME environment variable...

CVE-2008-1127

Format string vulnerability in the cryactio function in Crysis 1.1.1.5879 allows remote authenticated users to execute arbitrary code via format string specifiers in the user name, which is triggered when the game character is killed...

Format string

Format string vulnerability in webmail.exe in NetWin SurgeMail 38k4 and earlier and beta 39a, and WebMail 3.1s and earlier, allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via format string specifiers in the page parameter...

CVE-2008-0945

Format string vulnerability in the logging function in the IM Server aka IMserve or IMserver in Ipswitch Instant Messaging IM 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service daemon crash and possibly have unspecified other impact via format string specifiers in ...

CVE-2008-0101

Format string vulnerability in the swDebugf function in DuneApp.cpp in WhiteDune 0.29 beta791 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a .WRL file...

CVE-2007-6625

The Platform Service Process asampsp in Fan-Out Driver Platform Services for Novell Identity Manager IDM 3.5.1 allows remote attackers to cause a denial of service daemon crash via unspecified network traffic that triggers a syslog message containing invalid format string specifiers, as...

CVE-2007-6386

Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attackers to cause a denial of service SfCtlCom.exe crash, and allows local users to gain privileges, via...

CVE-2007-6386

Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attackers to cause a denial of service SfCtlCom.exe crash, and allows local users to gain privileges, via...

CVE-2007-4754

Format string vulnerability in the safebprintf function in acesrc/acebotcmds.c in Alien Arena 2007 6.10 and earlier allows remote attackers to cause a denial of service daemon crash via format string specifiers in a nickname...

Format string

Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an fnm field in a folder-name record in an ALPASS DB APW file...

CVE-2007-2958

Format string vulnerability in the incputerror function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws Claws Mail 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in crafted replies...

Format string

Format string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 allows remote attackers to cause a denial of service service crash via format string specifiers in certain unexpected commands, which trigger a crash during error logging...