CVE-2007-1954 Information

Description

Multiple directory traversal vulnerabilities in ArchiveXpert 2.02 build 80 allow remote attackers to create files in arbitrary directories via a .. (dot dot) in a (1) .gz (2) .jar (3) .rar (4) .tar.gz (5) .zip or (6) .tar file.

Reference

http://secunia.com/advisories/24827 http://www.bugtraq.ir/articles/advisory/archivexpert_directory_traversal/8 http://www.securityfocus.com/bid/23372 http://www.vupen.com/english/advisories/2007/1311 https://exchange.xforce.ibmcloud.com/vulnerabilities/33539