CWE-134
High likelihoodUse of Externally-Controlled Format String
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.
379 vulnerabilities with CWE-134
CVE-2012-0824
CRITICAL
gnusound 0.7.5 - Buffer Overflow
CVSS 9.8
CVE-2012-4426
Mcrypt < 2.6.8 - Format String Vulnerability
CVE-2012-3569
Vmware Ovf Tool - Format String Vulnerability
CVE-2012-1152
Ingy Yaml - Format String Vulnerability
CVE-2012-1151
Perl < 2.18.1 - Format String Vulnerability
CVE-2012-2288
EMC Networker - Format String Vulnerability
CVE-2012-1851
Microsoft Windows 7 - Format String Vulnerability
CVE-2012-2090
Flightgear < 2.6.0 - Format String Vulnerability
CVE-2012-2369
Pidgin <3.2.1 - RCE
CVE-2012-0646
Apple iOS <5.1 - RCE
CVE-2012-0242
Advantech Webaccess < 6.0 - Format String Vulnerability
CVE-2012-0809
Sudo <1.8.4 - RCE
CVE-2011-10029
HIGH
Solar FTP Server - DoS
CVE-2011-1588
HIGH
Thunar <1.3.1 - Info Disclosure
CVSS 7.8
CVE-2011-4930
Condor - Format String Vulnerability
CVE-2011-4357
Clearsilver <0.10.5 - RCE
CVE-2011-0185
Apple Mac OS X <10.7.2 - Privilege Escalation
CVE-2011-1764
Exim <4.76 - RCE
CVE-2011-2475
Sybase Onebridge Mobile Data Suite - Format String Vulnerability
CVE-2011-1568
7-Technologies IGSS <9.00.00.11074 - RCE
CVE-2011-0173
AppleScript <10.6.7 - RCE
CVE-2011-1153
Php < 5.3.5 - Format String Vulnerability
CVE-2011-0270
HP Openview Network Node Manager - Format String Vulnerability
CVE-2010-10017
HIGH
WM Downloader 3.1.2.2 - Buffer Overflow
CVE-2010-3438
CRITICAL
libpoe-component-irc-perl <6.32 - Code Injection
CVSS 9.8
Details
Vulnerabilities
379
Exploit Likelihood
High