Feature Value
Type Detection/Protection
Risk Other
Covered by Agent

The Format String exploit occurs when the submitted data of an input string is evaluated as a command by the application. In this way, the attacker could execute code, read the stack, or cause a segmentation fault in the running application, causing new behaviors that could compromise the security or the stability of the system.

More information

How to solve it

Ideally, a developer should never use a vulnerable input as the source of the format for a String.