CVE-2007-6404

Directory traversal vulnerability in Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to read arbitrary files via a .. (dot dot backslash) in the URI.

Date published : 2007-12-17

http://www.securityfocus.com/bid/26768

http://www.securityfocus.com/archive/1/484761/100/0/threaded