TUCoPS :: HP Unsorted I :: b06-4070.htm

IMENDIO PLANNER REMOTE FILENAME FORMAT STRING VULNERABILITY
IMENDIO PLANNER REMOTE FILENAME FORMAT STRING VULNERABILITY
IMENDIO PLANNER REMOTE FILENAME FORMAT STRING VULNERABILITY


By : LoneEagle =0D
E-mail : king_purba@yahoo.co.uk=0D 
http://kandangjamur.net=0D 
Affected :=0D
IMENDIO PLANNER 0.13=0D
PROJECT MANAGEMENT FEDORA 4.=0D
Impact : System Acces=0D
>From : Remote=0D
Severity : Moderately Critical=0D
=0D
Description:=0D
------------=0D
Imendio planner was failed when opening file name format string.=0D
Remote attacker can exploit this vulnerabilty by creating a malicious =0D
filename that contain format string specifier. Successfull attacking can be used =0D
for executing arbitrary code.=0D
=0D
Solution :=0D
----------=0D
Don't open file from untursted source.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH