CVE-2009-0364
published 2009-03-26CVE-2009-0364: Format string vulnerability in the mini_calendar component in Citadel.org WebCit 7.22, and other versions before 7.39, allows remote attackers to execute…
PriorityP340high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.59%
83.4th percentile
Format string vulnerability in the mini_calendar component in Citadel.org WebCit 7.22, and other versions before 7.39, allows remote attackers to execute arbitrary code via unspecified vectors.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citadel | webcit | <= 7.38 | — |
| citadel | webcit | — | — |
| citadel | webcit | — | — |
| citadel | webcit | — | — |
| citadel | webcit | — | — |
| citadel | webcit | — | — |
| citadel | webcit | — | — |
| citadel | webcit | >= 0 < 7.38b-dfsg-2 | 7.38b-dfsg-2 |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rffq-q3v2-pw4q: Format string vulnerability in the mini_calendar component in Citadel
ghsa_unreviewed·2022-05-02
CVE-2009-0364 [HIGH] CWE-134 GHSA-rffq-q3v2-pw4q: Format string vulnerability in the mini_calendar component in Citadel
Format string vulnerability in the mini_calendar component in Citadel.org WebCit 7.22, and other versions before 7.39, allows remote attackers to execute arbitrary code via unspecified vectors.
OSV
CVE-2009-0364: Format string vulnerability in the mini_calendar component in Citadel
osv·2009-03-26·CVSS 7.5
CVE-2009-0364 [HIGH] CVE-2009-0364: Format string vulnerability in the mini_calendar component in Citadel
Format string vulnerability in the mini_calendar component in Citadel.org WebCit 7.22, and other versions before 7.39, allows remote attackers to execute arbitrary code via unspecified vectors.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://osvdb.org/52915http://secunia.com/advisories/34457http://www.citadel.org/doku.php/news:webcit.security.advisory.-.2009-march-23http://www.debian.org/security/2009/dsa-1752http://www.securityfocus.com/bid/34206http://osvdb.org/52915http://secunia.com/advisories/34457http://www.citadel.org/doku.php/news:webcit.security.advisory.-.2009-march-23http://www.debian.org/security/2009/dsa-1752http://www.securityfocus.com/bid/34206
2009-03-26
Published