CWE-134

Exploit likelihood: High

Use of Externally-Controlled Format String

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

379 vulnerabilities with CWE-134
CVE-2010-4235
Realnetworks Helix Server - Format String Vulnerability
CVE-2010-4013
Apple Mac OS X - Format String Vulnerability
CVE-2010-2950
PHP <5.3.3 - Info Disclosure
CVE-2010-2451
Kvirc - Format String Vulnerability
CVE-2010-1376
Apple Mac OS X <10.6.4 - RCE
CVE-2010-2271
Accoria Rock Web Server - Format String Vulnerability
CVE-2010-2094
PHP - Format String Vulnerability
CVE-2010-1039
IBM AIX <6.1, VIOS <2.1, HP-UX <B.11.23, IRIX <6.5 - RCE
CVE-2010-1550
HP OpenView Network Node Manager <7.53 - RCE
CVE-2010-1139
VMware VIX API <1.6 - Privilege Escalation
CVE-2010-0743
Zaal Tgt < 0.9.5 - Format String Vulnerability
CVE-2010-0388
SUN Java System Web Server - Format String Vulnerability
CVE-2009-5141
Jgaa Warftpd - Format String Vulnerability
CVE-2009-4811
VMware ACE - Format String Vulnerability
CVE-2009-4775
Ipswitch WS_FTP Pro <12.2 - DoS
CVE-2009-4769
httpdx <1.5 - RCE
CVE-2009-3732
VMware ACE < 2.5.4 - Format String Vulnerability
CVE-2009-4014
Lintian <2.3.2 - Buffer Overflow
CVE-2009-3617
Tatsuhiro Tsujikawa Aria2 < 1.6.1 - Format String Vulnerability
CVE-2009-3707
VMware ACE - Format String Vulnerability
CVE-2009-3663
Jasper Httpdx - Format String Vulnerability
CVE-2009-3294
PHP < 5.2.11 - Format String Vulnerability
CVE-2009-3275
Microsoft Enterprise Library - Format String Vulnerability
CVE-2009-3163
Silcnet Silc Client < 1.1.8 - Format String Vulnerability
CVE-2009-3051
Silcnet Silc Client < 1.1.7 - Format String Vulnerability