Debian Security Advisory 1752-1 – Wilfried Goesgens discovered that WebCit, the web-based user interface for the Citadel groupware system, contains a format string vulnerability in the mini_calendar component, possibly allowing arbitrary code execution (CVE-2009-0364).
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/75978/dsa-1752-1.txt
Source: https://packetstormsecurity.com/files/75978/Debian-Linux-Security-Advisory-1752-1.html