Vulnerabilities > Use of Externally-Controlled Format String
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2007-11-14 | CVE-2007-3880 | Use of Externally-Controlled Format String vulnerability in SUN NET Connect Software 3.2.3/3.2.4 | Format string vulnerability in srsexec in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core (SUNWsrspx) package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog. | 7.2 |
2007-11-10 | CVE-2007-5396 | Use of Externally-Controlled Format String vulnerability in Miranda-Im Miranda IM 0.7.1 | Format string vulnerability in the ext_yahoo_contact_added function in yahoo.c in Miranda IM 0.7.1 allows remote attackers to execute arbitrary code via a Y7 Buddy Authorization packet with format string specifiers in the contact Yahoo! handle (who). | 6.8 |
2007-11-05 | CVE-2007-5825 | Use of Externally-Controlled Format String vulnerability in Firefly Media Server 0.2.4 | Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or (2) password portion of base64-encoded data on the "Authorization: Basic" HTTP header line. | 7.5 |
2007-10-31 | CVE-2007-5740 | Use of Externally-Controlled Format String vulnerability in Vergenet Perdition Mail Retrieval Proxy | The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. | 7.5 |
2007-10-18 | CVE-2007-5561 | Use of Externally-Controlled Format String vulnerability in Oracle Enterprise Grid Console Server and Opmn Daemon | Format string vulnerability in the logging function in the Oracle OPMN daemon, as used on Oracle Enterprise Grid Console server 10.2.0.1, allows remote attackers to execute arbitrary code via format string specifiers in the URI in an HTTP request to port 6003, aka Oracle reference number 6296175. | 10.0 |
2007-10-18 | CVE-2007-5545 | Use of Externally-Controlled Format String vulnerability in Tibco Smart PGM FX | Format string vulnerability in TIBCO SmartPGM FX allows remote attackers to execute arbitrary code via format string specifiers in unspecified vectors. | 7.5 |
2007-10-12 | CVE-2007-3675 | Use of Externally-Controlled Format String vulnerability in Kaspersky LAB Online Scanner | Multiple format string vulnerabilities in the kavwebscan.CKAVWebScan ActiveX control (kavwebscan.dll) in Kaspersky Online Scanner before 5.0.98 allow remote attackers to execute arbitrary code via format string specifiers in "various string formatting functions," which trigger heap-based buffer overflows. | 9.3 |
2007-10-11 | CVE-2007-3917 | Use of Externally-Controlled Format String vulnerability in Wesnoth | The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the truncate_message function in server/server.cpp. | 7.8 |
2007-10-08 | CVE-2007-5265 | Use of Externally-Controlled Format String vulnerability in Dawnoftime Dawn of Time | Multiple format string vulnerabilities in websrv.cpp in Dawn of Time 1.69s beta4 and earlier allow remote attackers to execute arbitrary code via format string specifiers in the (1) username or (2) password fields when accessing certain "restricted zones", which are not properly handled by the (a) processWebHeader and (b) filterWebRequest functions. | 7.5 |
2007-10-08 | CVE-2007-5262 | Use of Externally-Controlled Format String vulnerability in Battlefront Dropteam | Multiple format string vulnerabilities in Battlefront Dropteam 1.3.3 and earlier allow remote attackers to execute arbitrary code via format string specifiers in the (1) username, (2) password, and (3) nickname fields in a "0x01" packet. | 7.5 |