NuytsTech Security

CVE-2009-0497

by ·

Directory traversal vulnerability in log.jsp in Ignite Realtime Openfire 3.6.2 allows remote attackers to read arbitrary files via a .. (dot dot backslash) in the log parameter.

Date published : 2009-02-09

http://www.securityfocus.com/bid/32945

http://www.securityfocus.com/archive/1/499880/100/0/threaded

Tags: