Unsanitized Format Strings in Unix Locale Subsystem Functions

Unsanitized Format Strings in Unix Locale Subsystem Functions

CVE-2000-0844 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

Learn more about our User Device Pen Test.