CVE-2003-0940 Information

Description

Directory traversal vulnerability in sqlfopenc for web-tools in SAP DB before 7.4.03.30 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL.

Reference

http://www.atstake.com/research/advisories/2003/a111703-2.txt