NuytsTech Security

CVE-2008-0946

by ·

Directory traversal vulnerability in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to create arbitrary empty files via a .. (dot dot) in the recipient field.

Date published : 2008-02-25

http://www.securityfocus.com/bid/27677

http://www.securityfocus.com/archive/1/487748/100/200/threaded

Tags: