NuytsTech Security

CVE-2008-2795

by ·

Directory traversal vulnerability in the FTP and SFTP clients in IDM Computer Solutions Inc UltraEdit 14.00b allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) or a .. (dot dot backslash) in a response to a LIST command.

Date published : 2008-06-20

http://www.securityfocus.com/bid/29784

http://vuln.sg/ultraedit1400b-en.html

Tags: