https://owasp.org/www-community/attacks/Format_string_attack
Format string attack
Contributor(s): meir555
Description
The Format String exploit occurs when the submitted data of an input string is evaluated as a command by the application. In this way, the attacker could execute code, read the stack, or cause a segmentation fault in the running application, causing new behaviors that could compromise the security or the stability of the system.
To understand the attack, it’s necessary to understand the components that constitute it.