Package: unicon-imc2 Vulnerability: buffer overflow Problem Type: local CVE ID(s): CVE-2007-2835 Debian-specific: no Debian Security Advisory (DSA): DSA-1328 Description: A buffer overflow vulnerability was discovered in unicon-imc2, a Chinese input method library. This could be exploited to execute arbitrary code due to unsafe use of an environmental variable. Patch Availability: - For stable distribution (etch): Fixed in version 3.0.4-11etch1 - For unstable distribution (sid): Will be fixed shortly Upgrade Instructions: URLs provided for downloading updated package versions for various architectures (alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc) Recommendation: Upgrade unicon-imc2 package to mitigate the vulnerability