Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
No history.
Information
Published : 2000-11-14 05:00
Updated : 2024-02-04 16:31
NVD link : CVE-2000-0844
Mitre link : CVE-2000-0844
CVE.ORG link : CVE-2000-0844
JSON object : View
Products Affected
sun
- sunos
- solaris
redhat
- linux
debian
- debian_linux
slackware
- slackware_linux
trustix
- secure_linux
turbolinux
- turbolinux
suse
- suse_linux
sgi
- irix
immunix
- immunix
caldera
- openlinux_ebuilder
- openlinux
- openlinux_eserver
ibm
- aix
mandrakesoft
- mandrake_linux
conectiva
- linux
CWE
CWE-264
Permissions, Privileges, and Access Controls