Vulnerability Name: | CVE-2009-0364 (CCN-49395) | ||||||||||||||||
Assigned: | 2009-03-23 | ||||||||||||||||
Published: | 2009-03-23 | ||||||||||||||||
Updated: | 2009-04-02 | ||||||||||||||||
Summary: | Format string vulnerability in the mini_calendar component in Citadel.org WebCit 7.22, and other versions before 7.39, allows remote attackers to execute arbitrary code via unspecified vectors. | ||||||||||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) 5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||||||||||
Vulnerability Type: | CWE-134 | ||||||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2009-0364 Source: OSVDB Type: UNKNOWN 52915 Source: CCN Type: SA34434 Citadel webcit Module "embeddable_mini_calendar()" Format String Vulnerability Source: SECUNIA Type: UNKNOWN 34457 Source: CCN Type: Citadel Web site Email and Groupware - easy to install, easy to use Source: CONFIRM Type: Vendor Advisory http://www.citadel.org/doku.php/news:webcit.security.advisory.-.2009-march-23 Source: DEBIAN Type: UNKNOWN DSA-1752 Source: DEBIAN Type: DSA-1752 webcit -- format string vulnerability Source: CCN Type: OSVDB ID: 52915 WebCit mini_calendar Component Unspecified Format String Source: BID Type: Patch 34206 Source: CCN Type: BID-34206 WebCit Mini_Calendar Component Format String Vulnerability Source: XF Type: UNKNOWN webcit-minicalendar-format-string(49395) | ||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||||||||||
Oval Definitions | |||||||||||||||||
| |||||||||||||||||
BACK |