Use of Externally-Controlled Format String
CVE-2004-2714
Summary
Unspecified vulnerability in Window Maker 0.80.2 and earlier allows attackers to perform unknown actions via format string specifiers in a font specification in WMGLOBAL, probably a format string vulnerability.
- MEDIUM
- NETWORK
- SINGLE
- PARTIAL
- PARTIAL
- PARTIAL
CWE-134 - Use of Externally-Controlled Format String
The software uses a function that accepts a format string as an argument, but the format string originates from an external source.
References
Advisory Timeline
- Published