A new class of vulnerabilities discovered in June 2000. Prior to that, format-string attacks were believed to be harmless. The problem seems to be rooted in the use of unfiltered user input in the format string parameter in various C programming language’s functions that perform formatting—such as the printf() function format string. A cracker could, for example, use %s and %x format tokens to print from the stack or from other memory locations. Using the %n format token, crackers could insert carefully crafted code into the memory space of a running program and have it be executed. This software flaw has resulted in discovered vulnerabilities in more than 150 common tools.

See Also: Exploit; Programming Languages C, C++, Perl, and Java.