NuytsTech Security

CVE-2006-1771

by ·

Directory traversal vulnerability in misc in pbcs.dll in SAXoTECH SAXoPRESS, aka Saxotech Online (formerly Publicus) allows remote attackers to read arbitrary files and possibly execute arbitrary programs via a .. (dot dot) in the url parameter.

Date published : 2006-04-13

http://www.securityfocus.com/bid/17474

http://www.securityfocus.com/archive/1/430707/100/0/threaded

Tags: