| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Format string vulnerability in the p_cgi_error function in python/neo_cgi.c in the Python CGI Kit (neo_cgi) module for Clearsilver 0.10.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are not properly handled when creating CGI error messages using the cgi_error API function. |
| Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field. |
| PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server. |
| Format string vulnerability in the CNS_AddTxt function in logs.dll in 2K Games Vietcong 2 1.10 and earlier might allow remote attackers to execute arbitrary code via format string specifiers in the nickname. |
| Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name (CN) field of an SSL certificate associated with an https URL. |
| Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet. |
| Format string vulnerability in TIBCO SmartPGM FX allows remote attackers to execute arbitrary code via format string specifiers in unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. |
| MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement. |
| Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an fnm field in a folder-name record in an ALPASS DB (APW) file. |
| Format string vulnerability in the mini_calendar component in Citadel.org WebCit 7.22, and other versions before 7.39, allows remote attackers to execute arbitrary code via unspecified vectors. |
| Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in an IP address field. |
| Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted message to the RPC interface. |
| Format string vulnerability in the logging function in IBM solidDB 06.00.1018 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the (1) user name, (2) peer name, and possibly unspecified other fields. |
| Multiple format string vulnerabilities in the kavwebscan.CKAVWebScan ActiveX control (kavwebscan.dll) in Kaspersky Online Scanner before 5.0.98 allow remote attackers to execute arbitrary code via format string specifiers in "various string formatting functions," which trigger heap-based buffer overflows. |
| Format string vulnerability in the logging function in the Oracle OPMN daemon, as used on Oracle Enterprise Grid Console server 10.2.0.1, allows remote attackers to execute arbitrary code via format string specifiers in the URI in an HTTP request to port 6003, aka Oracle reference number 6296175. NOTE: this might be the same issue as CVE-2007-0282 or CVE-2007-0280, but there are insufficient details to be sure. |
| Multiple format string vulnerabilities in the configuration file in SonicWALL GLobal VPN Client 3.1.556 and 4.0.0.810 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in the (1) Hostname tag or the (2) name attribute in the Connection tag. NOTE: there might not be any realistic circumstances in which this issue crosses privilege boundaries. |
| Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows remote SMTP servers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a server response, which is not properly handled "when displaying the signon message." |
| Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name. |
| Format string vulnerability in Apple iPhoto 6.0.5 (316), and other versions before 6.0.6, allows remote user-assisted attackers to execute arbitrary code via a crafted photocast with format string specifiers in the title of an RSS iPhoto feed. |
| The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. |
