140 matches found

Prion
added 2007/08/14 6:17 p.m., 22 views

Format string

Format string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 allows remote attackers to cause a denial of service (service crash) via format string specifiers in certain unexpected commands, which trigger a crash during error logging...

CVSS 5, AI score 6.9, EPSS 0.02025
Exploits 0, References 9, Affected Software 1

UbuntuCve
added 2007/07/24 12:30 a.m., 38 views

CVE-2007-3950

lighttpd 1.4.15, when run on 32-bit platforms, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the (1) mod_scgi, (2) mod_fastcgi, and (3) mod_webdav modules...

CVSS 4.3, AI score 5.9, EPSS 0.02915
Exploits 0, References 1

Prion
added 2007/07/24 12:30 a.m., 15 views

Format string

lighttpd 1.4.15, when run on 32-bit platforms, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the (1) mod_scgi, (2) mod_fastcgi, and (3) mod_webdav modules...

CVSS 4.3, AI score 6.7, EPSS 0.02915
Exploits 0, References 13, Affected Software 1

NVD
added 2007/07/24 12:30 a.m., 17 views

CVE-2007-3950

lighttpd 1.4.15, when run on 32-bit platforms, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the (1) mod_scgi, (2) mod_fastcgi, and (3) mod_webdav modules...

CVSS 4.3, AI score 6.4, EPSS 0.02915
Exploits 0, References 13

Cvelist
added 2007/07/24 12:0 a.m., 25 views

CVE-2007-3950

lighttpd 1.4.15, when run on 32-bit platforms, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the (1) mod_scgi, (2) mod_fastcgi, and (3) mod_webdav modules...

AI score 6.3, EPSS 0.02915
Exploits 0, References 13

CVE
added 2007/07/24 12:0 a.m., 85 views

CVE-2007-3950

CVE-2007-3950 affects lighttpd 1.4.15 on 32‑bit platforms. The issue is caused by incompatible format specifiers in debugging messages within the modules (mod_scgi, mod_fastcgi, mod_webdav), allowing remote attackers to cause a denial of service (daemon crash). The connected documents indicate th...

CVSS 4.3, AI score 6.3, EPSS 0.02915
Exploits 0, References 13, Affected Software 1

NVD
added 2007/04/06 1:19 a.m., 19 views

CVE-2007-0957

Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via...

CVSS 9, AI score 7.6, EPSS 0.10327
Exploits 1, References 37

OSV
added 2007/03/21 7:19 p.m., 3 views

CVE-2007-1463

Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs...

AI score 7.7
Exploits 0, References 17

Prion
added 2007/03/19 10:19 p.m., 18 views

Format string

Multiple format string vulnerabilities in comm.c in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via format string specifiers to the createctcpmessage function using the message argument to the (1) me or (2) ctcp commands, and possibly related vectors involving the (3) whois, (4)...

CVSS 7.5, AI score 8.2, EPSS 0.03405
Exploits 0, References 4, Affected Software 1

Prion
added 2007/02/01 12:28 a.m., 25 views

Format string

Format string vulnerability in Apple Safari 2.0.4 (419.3) allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in filenames that are not properly handled when calling the (1) NSLog and (2) NSBeginAlertSheet Apple AppKit functions...

CVSS 7.1, AI score 6.7, EPSS 0.02426
Exploits 0, References 3, Affected Software 1

Prion
added 2007/02/01 12:28 a.m., 20 views

Format string

Format string vulnerability in iPhoto 6.0.5 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling certain Apple AppKit functions...

CVSS 6.8, AI score 6.7, EPSS 0.01829
Exploits 0, References 4, Affected Software 1

Prion
added 2007/02/01 12:28 a.m., 20 views

Format string

Format string vulnerability in Help Viewer 3.0.0 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling the NSBeginAlertSheet Apple AppKit function...

CVSS 7.1, AI score 6.7, EPSS 0.025
Exploits 1, References 3, Affected Software 1

NVD
added 2007/02/01 12:28 a.m., 21 views

CVE-2007-0645

Format string vulnerability in iPhoto 6.0.5 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling certain Apple AppKit functions...

CVSS 6.8, AI score 6.2, EPSS 0.01829
Exploits 0, References 4

UbuntuCve
added 2007/01/16 11:28 p.m., 23 views

CVE-2007-0255

XINE 0.99.4 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain M3U file that contains a long EXTINF line and contains format string specifiers in an invalid udp:// URI, possibly a variant of CVE-2007-0017...

CVSS 9.3, AI score 6.3, EPSS 0.03977
Exploits 0, References 2

security_vulns
added 2007/01/01 12:0 a.m., 35 views

ANDR : Format String Vulnerability

Format string vulnerability. Andrey Kolischak, March, 2001. It is no secret that most of the software, in addition to specific vulnerabilities, contains “holes” associated with an incorrect programming style. If some of these holes, such as buffer overflows,...

AI score 0.7
Exploits 0

NVD
added 2006/09/27 11:7 p.m., 10 views

CVE-2006-5033

Unspecified vulnerability in StoresAndCalendarsList.cgi in Paul Smith Computer Services vCAP 1.9.0 Beta and earlier allows remote attackers to cause a denial of service via the session parameter, possibly related to format string specifiers or malformed URL encoding...

CVSS 5, AI score 6.8, EPSS 0.03529
Exploits 1, References 8

Cvelist
added 2006/09/27 11:0 p.m., 13 views

CVE-2006-5033

Unspecified vulnerability in StoresAndCalendarsList.cgi in Paul Smith Computer Services vCAP 1.9.0 Beta and earlier allows remote attackers to cause a denial of service via the session parameter, possibly related to format string specifiers or malformed URL encoding...

AI score 6.8, EPSS 0.03529
Exploits 1, References 8

Cvelist
added 2006/08/14 11:0 p.m., 19 views

CVE-2006-4127

Multiple format string vulnerabilities in DConnect Daemon 0.7.0 and earlier allow remote administrators to execute arbitrary code via format string specifiers that are not properly handled when calling the (1) privmsg or (2) pubmsg functions from (a) cmd.user.c, (b) penalties.c, or (c) cmd.dc.c...

AI score 7.7, EPSS 0.02121
Exploits 1, References 9

Cvelist
added 2006/07/27 10:0 p.m., 17 views

CVE-2006-3908

Format string vulnerability in the flushoutput function in ConsoleStreambuf.cpp in Game Network Engine (GNE) 0.70 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute code via format string specifiers in unspecified vectors involving output to the gout console...

AI score 7.1, EPSS 0.02633
Exploits 0, References 5

Prion
added 2006/05/22 11:10 p.m., 13 views

Format string

Format string vulnerability in ANSI C Sender Policy Framework library (libspf) before 1.0.0-p5, when debugging is enabled, allows remote attackers to execute arbitrary code via format string specifiers, possibly in an e-mail address...

CVSS 6.4, AI score 8, EPSS 0.02547
Exploits 0, References 5, Affected Software 1