Vulnerabilities (CVE)

Filtered by CWE-134
Total 348 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-0963 1 Emc 1 Diskxtender 2025-04-09 9.0 HIGH N/A
Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted message to the RPC interface.
CVE-2008-7228 1 White Dune 1 White Dune 2025-04-09 10.0 HIGH N/A
Multiple format string vulnerabilities in White_Dune before 0.29beta851 have unspecified impact and attack vectors, a different vulnerability than CVE-2008-0101.
CVE-2007-6183 1 Ruby Gnome2 1 Ruby Gnome2 2025-04-09 6.8 MEDIUM N/A
Format string vulnerability in the mdiag_initialize function in gtk/src/rbgtkmessagedialog.c in Ruby-GNOME 2 (aka Ruby/Gnome2) 0.16.0, and SVN versions before 20071127, allows context-dependent attackers to execute arbitrary code via format string specifiers in the message parameter.
CVE-2007-5248 2 Id Software, Take2games 3 Doom 3, Quake 4, Prey 2025-04-09 9.3 HIGH N/A
Multiple format string vulnerabilities in the ID Software Doom 3 engine, as used by Doom 3 1.3.1 and earlier, Quake 4 1.4.2 and earlier, and Prey 1.3 and earlier, when Punkbuster (PB) is enabled, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in (1) a PB_Y packet to the YPG server or (2) a PB_U packet to UCON. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain.
CVE-2008-3116 1 Hanghai 3 5th Street, High Street 5, Hot Step 2025-04-09 10.0 HIGH N/A
Format string vulnerability in dx8render.dll in Snail Game (aka Suzhou Snail Electronic Company) 5th street (aka Hot Step or High Street 5) allows remote attackers to execute arbitrary code via format string specifiers in a chat message.
CVE-2007-5825 1 Firefly 1 Media Server 2025-04-09 7.5 HIGH N/A
Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to execute arbitrary code via a stats method action to /xml-rpc with format string specifiers in the (1) username or (2) password portion of base64-encoded data on the "Authorization: Basic" HTTP header line.
CVE-2009-1210 1 Wireshark 1 Wireshark 2025-04-09 10.0 HIGH N/A
Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information.
CVE-2008-7074 1 Memcode 1 I.scribe 2025-04-09 9.3 HIGH N/A
Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows remote SMTP servers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a server response, which is not properly handled "when displaying the signon message."
CVE-2009-3051 1 Silcnet 2 Silc Client, Silc Toolkit 2025-04-09 7.5 HIGH N/A
Multiple format string vulnerabilities in lib/silcclient/client_entry.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client before 1.1.8, allow remote attackers to execute arbitrary code via format string specifiers in a nickname field, related to the (1) silc_client_add_client, (2) silc_client_update_client, and (3) silc_client_nickname_format functions.
CVE-2007-3675 1 Kaspersky Lab 1 Online Scanner 2025-04-09 9.3 HIGH N/A
Multiple format string vulnerabilities in the kavwebscan.CKAVWebScan ActiveX control (kavwebscan.dll) in Kaspersky Online Scanner before 5.0.98 allow remote attackers to execute arbitrary code via format string specifiers in "various string formatting functions," which trigger heap-based buffer overflows.
CVE-2009-0538 1 Symantec 1 Pcanywhere 2025-04-09 4.6 MEDIUM N/A
Format string vulnerability in Symantec pcAnywhere before 12.5 SP1 allows local users to read and modify arbitrary memory locations, and cause a denial of service (application crash) or possibly have unspecified other impact, via format string specifiers in the pathname of a remote control file (aka .CHF file).
CVE-2007-4832 1 Immersion Games 1 Cellfactor Revolution 2025-04-09 7.5 HIGH N/A
Format string vulnerability in CellFactor Revolution 1.03 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a malformed nickname.
CVE-2007-2027 1 Elinks 1 Elinks 2025-04-09 4.4 MEDIUM N/A
Untrusted search path vulnerability in the add_filename_to_string function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to use an untrusted gettext message catalog (.po file) in a "../po" directory, which can be leveraged to conduct format string attacks.
CVE-2008-7159 1 Silcnet 1 Silc Toolkit 2025-04-09 5.8 MEDIUM N/A
The silc_asn1_encoder function in lib/silcasn1/silcasn1_encode.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.8 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted OID value, related to incorrect use of a %lu format string.
CVE-2007-5561 1 Oracle 2 Enterprise Grid Console Server, Opmn Daemon 2025-04-09 10.0 HIGH N/A
Format string vulnerability in the logging function in the Oracle OPMN daemon, as used on Oracle Enterprise Grid Console server 10.2.0.1, allows remote attackers to execute arbitrary code via format string specifiers in the URI in an HTTP request to port 6003, aka Oracle reference number 6296175. NOTE: this might be the same issue as CVE-2007-0282 or CVE-2007-0280, but there are insufficient details to be sure.
CVE-2007-4273 1 Ibm 1 Db2 Universal Database 2025-04-09 4.6 MEDIUM N/A
IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE environment variable in db2licd (db2licm).
CVE-2009-1262 1 Fortinet 1 Forticlient 2025-04-09 7.2 HIGH N/A
Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name.
CVE-2009-1886 1 Samba 1 Samba 2025-04-09 9.3 HIGH N/A
Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename.
CVE-2007-0344 1 Colloquy 1 Colloquy 2025-04-09 7.5 HIGH N/A
Multiple format string vulnerabilities in (1) _invitedToRoom: and (2) _invitedToDirectChat: in Colloquy 2.1 and earlier allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the channel name of an INVITE request, related to the implementation of AlertSheet and AlertPanel in Apple AppKit.
CVE-2007-3917 1 Wesnoth 1 Wesnoth 2025-04-09 7.8 HIGH N/A
The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the truncate_message function in server/server.cpp. NOTE: this issue affects both clients and servers.