Critical : Highly critical
Impact : System access
Where : From remote
The vulnerability is confirmed in versions 9.64 and 10.01. Other versions may also be affected.
The vulnerability is reportedly addressed in the latest RC and will be fixed in an upcoming stable version.
Update to version 10.10.
Provided and/or discovered by:
Maksymilian Arciemowicz and sp3x
2009-11-23: Updated "Solution" section. Added link to "Original Advisory" section.