Skip to main content

Use of Externally-Controlled Format String

CVE-2004-2714

Severity Medium
Score 6/10

Summary

Unspecified vulnerability in Window Maker 0.80.2 and earlier allows attackers to perform unknown actions via format string specifiers in a font specification in WMGLOBAL, probably a format string vulnerability.

  • MEDIUM
  • NETWORK
  • SINGLE
  • PARTIAL
  • PARTIAL
  • PARTIAL

CWE-134 - Use of Externally-Controlled Format String

The software uses a function that accepts a format string as an argument, but the format string originates from an external source.

References

Advisory Timeline

  • Published