2 results (0.004 seconds)

CVSS: 4.6EPSS: 0%CPEs: 7EXPL: 1

The printf wrappers in libsafe 2.0-11 and earlier do not properly handle argument indexing specifiers, which could allow attackers to exploit certain function calls through arguments that are not verified by libsafe. Los envolventes de printf() en libsafe 2.0-11 y anteriores no manejan adecuamente especificadores de indización de argumentos, lo que podria permitir a atacantes explotar ciertas llamadas a funciones mediante argumentos no verificados por libsafe. • http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0070.html http://online.securityfocus.com/archive/1/263121 http://www.iss.net/security_center/static/8594.php http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-026.php http://www.securityfocus.com/bid/4327 •

CVSS: 4.6EPSS: 0%CPEs: 7EXPL: 1

libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe. libsafe 2.0-11 y anteriores permiten a atacantes sortear la protección contra vulnerabilidades de cadenas formateadas mediante cadenas formateadas que usan caractéres "|" (tubería) y otros, que están implentados en libc pero no en libsafe. • http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0070.html http://online.securityfocus.com/archive/1/263121 http://www.iss.net/security_center/static/8593.php http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-026.php http://www.securityfocus.com/bid/4326 •