Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:13783
HistoryAug 08, 2006 - 12:00 a.m.

IMENDIO PLANNER REMOTE FILENAME FORMAT STRING VULNERABILITY

2006-08-0800:00:00
vulners.com
24
JSON

By : LoneEagle
E-mail : [email protected]
http://kandangjamur.net
Affected :
IMENDIO PLANNER 0.13
PROJECT MANAGEMENT FEDORA 4.
Impact : System Acces
>From : Remote
Severity : Moderately Critical

Description:

Imendio planner was failed when opening file name format string.
Remote attacker can exploit this vulnerabilty by creating a malicious
filename that contain format string specifier. Successfull attacking can be used
for executing arbitrary code.

Solution :

Don't open file from untursted source.

JSON