By : LoneEagle E-mail : king_purba (at) yahoo.co (dot) uk [email concealed] http://kandangjamur.net Affected : IMENDIO PLANNER 0.13 PROJECT MANAGEMENT FEDORA 4. Impact : System Acces From : Remote Severity : Moderately Critical Description: ------------ Imendio planner was failed when opening file name format string. Remote attacker can exploit this vulnerabilty by creating a malicious filename that contain format string specifier. Successfull attacking can be used for executing arbitrary code. Solution : ---------- Don't open file from untursted source.