redhat · CVE-2000-0844

Quick triage

Priority: not assigned Published: 2000-09-04 00:00:00 UTC Updated: 2000-09-04 00:00:00 UTC

View at Official redhat advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

Description:

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

cvelogic Threat Intelligence