CVE-2009-0364

2009-03-2605:50:27

CWE-134

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.042

Percentile

92.3%

JSON

Format string vulnerability in the mini_calendar component in Citadel.org WebCit 7.22, and other versions before 7.39, allows remote attackers to execute arbitrary code via unspecified vectors.

Affected configurations

Nvd

Node

citadelwebcitRange≤7.38

citadelwebcitMatch7.02

citadelwebcitMatch7.10

citadelwebcitMatch7.11

citadelwebcitMatch7.12

citadelwebcitMatch7.22

citadelwebcitMatch7.37

VendorProductVersionCPE
citadelwebcit*cpe:2.3:a:citadel:webcit:*:*:*:*:*:*:*:*
citadelwebcit7.02cpe:2.3:a:citadel:webcit:7.02:*:*:*:*:*:*:*
citadelwebcit7.10cpe:2.3:a:citadel:webcit:7.10:*:*:*:*:*:*:*
citadelwebcit7.11cpe:2.3:a:citadel:webcit:7.11:*:*:*:*:*:*:*
citadelwebcit7.12cpe:2.3:a:citadel:webcit:7.12:*:*:*:*:*:*:*
citadelwebcit7.22cpe:2.3:a:citadel:webcit:7.22:*:*:*:*:*:*:*
citadelwebcit7.37cpe:2.3:a:citadel:webcit:7.37:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
citadel	webcit	*	cpe:2.3:a:citadel:webcit::::::::
citadel	webcit	7.02	cpe:2.3:a:citadel:webcit:7.02:::::::*
citadel	webcit	7.10	cpe:2.3:a:citadel:webcit:7.10:::::::*
citadel	webcit	7.11	cpe:2.3:a:citadel:webcit:7.11:::::::*
citadel	webcit	7.12	cpe:2.3:a:citadel:webcit:7.12:::::::*
citadel	webcit	7.22	cpe:2.3:a:citadel:webcit:7.22:::::::*
citadel	webcit	7.37	cpe:2.3:a:citadel:webcit:7.37:::::::*