By : LoneEagle

E-mail : king_purba (at) yahoo.co (dot) uk [email concealed]

http://kandangjamur.net

Affected :

IMENDIO PLANNER 0.13

PROJECT MANAGEMENT FEDORA 4.

Impact : System Acces

From : Remote

Severity : Moderately Critical

Description:

------------

Imendio planner was failed when opening file name format string.

Remote attacker can exploit this vulnerabilty by creating a malicious

filename that contain format string specifier. Successfull attacking can be used

for executing arbitrary code.

Solution :

----------

Don't open file from untursted source.