Format string exploits occur when a program writes user-supplied input to a formatted string, and the user is able to include formatting commands that are interpreted by the program. The following are some well-known C functions that are vulnerable to format string exploits: