Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Openlinux_ebuilder | Caldera | 3.0 (including) | 3.0 (including) |
| Immunix | Immunix | 6.2 (including) | 6.2 (including) |
| Linux | Conectiva | 4.0 (including) | 4.0 (including) |
| Linux | Conectiva | 4.0es (including) | 4.0es (including) |
| Linux | Conectiva | 4.1 (including) | 4.1 (including) |
| Linux | Conectiva | 4.2 (including) | 4.2 (including) |
| Linux | Conectiva | 5.0 (including) | 5.0 (including) |
| Linux | Conectiva | 5.1 (including) | 5.1 (including) |
| Irix | Sgi | 6.2 (including) | 6.2 (including) |
| Irix | Sgi | 6.3 (including) | 6.3 (including) |
| Irix | Sgi | 6.4 (including) | 6.4 (including) |
| Irix | Sgi | 6.5 (including) | 6.5 (including) |
| Irix | Sgi | 6.5.1 (including) | 6.5.1 (including) |
| Irix | Sgi | 6.5.2m (including) | 6.5.2m (including) |
| Irix | Sgi | 6.5.3 (including) | 6.5.3 (including) |
| Irix | Sgi | 6.5.3f (including) | 6.5.3f (including) |
| Irix | Sgi | 6.5.3m (including) | 6.5.3m (including) |
| Irix | Sgi | 6.5.4 (including) | 6.5.4 (including) |
| Irix | Sgi | 6.5.6 (including) | 6.5.6 (including) |
| Irix | Sgi | 6.5.7 (including) | 6.5.7 (including) |
| Irix | Sgi | 6.5.8 (including) | 6.5.8 (including) |