Format String Vulnerability in libsafe by ISS Technology
CVE-2002-0176

Currently unrated

Key Information:

Vendor: Avaya
Status: Libsafe
Vendor: CVE Published:; 22 April 2002

Summary

The format string vulnerability in libsafe versions 2.0-11 and earlier arises from the improper handling of argument indexing specifiers within its printf wrappers. This weakness can be exploited by attackers who inject unverified arguments into function calls, potentially leading to unauthorized access or control over applications relying on libsafe for input validation and security. As a result, applications using these vulnerable versions may be susceptible to exploitation, highlighting the importance of using updated and secure libraries.

References

http://archives.neohapsis.com/archives/vulnwatch/2002-q1/...

mailing-listx_refsource_VULNWATCH

http://www.iss.net/security_center/static/8594.php

vdb-entryx_refsource_XF

http://online.securityfocus.com/archive/1/263121

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Apr 22, 2002
Vulnerability Reserved
Apr 15, 2002