Use of Externally-Controlled Format String
CVE-2018-15749
Summary
The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Format String Vulnerability.
- LOW
- LOCAL
- NONE
- UNCHANGED
- NONE
- LOW
- HIGH
- NONE
CWE-134 - Use of Externally-Controlled Format String
The software uses a function that accepts a format string as an argument, but the format string originates from an external source.
References
Advisory Timeline
- Published
