DSA-1752-1 webcit -- format string vulnerabilityID: oval:org.secpod.oval:def:600452 | Date: (C)2011-05-13 (M)2022-10-10 |
Class: PATCH | Family: unix |
Wilfried Goesgens discovered that WebCit, the web-based user interface for the Citadel groupware system, contains a format string vulnerability in the mini_calendar component, possibly allowing arbitrary code execution . For the stable distribution , this problem has been fixed in version 7.37-dfsg-7. For the unstable distribution , this problem has been fixed in version 7.38b-dfsg-2. We recommend that you upgrade your webcit packages.