I'm sure all the CS people reading this (and maybe even some of the non-CS types!) are familiar with buffer overflow attacks, and know how to both protect against them and exploit them in other people's code, or at least have a vague idea about how to do it. However, fewer people have heard of format string attacks. Here's a fairly detailed ( Read more... )