Описание
Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name.
Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-1262
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49633
- http://lists.grok.org.uk/pipermail/full-disclosure/2009-April/068583.html
- http://osvdb.org/53266
- http://secunia.com/advisories/34524
- http://www.layereddefense.com/FortiClient02Apr.html
- http://www.securityfocus.com/archive/1/502354/100/0/threaded
- http://www.securityfocus.com/archive/1/502602/100/0/threaded
- http://www.securityfocus.com/bid/34343
- http://www.securitytracker.com/id?1021966
- http://www.vupen.com/english/advisories/2009/0941
Связанные уязвимости
nvd
почти 17 лет назад
Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name.