CVE-2009-1262

Published: Apr 7, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20090410 Re: Layered Defense Research Advisory: Format String Vulnerability: FortiClient Version 3

mailing-list

x_refsource_BUGTRAQ

http://www.layereddefense.com/FortiClient02Apr.html

x_refsource_MISC

34524

third-party-advisory

x_refsource_SECUNIA

34343

vdb-entry

x_refsource_BID

53266

vdb-entry

x_refsource_OSVDB

ADV-2009-0941

vdb-entry

x_refsource_VUPEN

1021966

vdb-entry

x_refsource_SECTRACK

20090402 Layered Defense Research Advisory: Format String Vulnerability: FortiClient Version 3

mailing-list

x_refsource_FULLDISC

forticlient-vpn-format-string(49633)

vdb-entry

x_refsource_XF

20090402 Layered Defense Research Advisory: Format String Vulnerability: FortiClient Version 3

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2009-1262

Description

Affected Products

References