CVE-2008-0797 Information

Description

Directory traversal vulnerability in lib/download.php in iTheora 1.0 rc1 allows remote attackers to read arbitrary files via directory traversal sequences in the url parameter.

Reference

http://en.wikipedia.org/wiki/Talk:Itheora http://menguy.aymeric.free.fr/theora/news.php http://secunia.com/advisories/28929 http://www.securityfocus.com/bid/27788 https://exchange.xforce.ibmcloud.com/vulnerabilities/40506 Directory traversal vulnerability in lib/download.php in iTheora 1.0 rc1 allows remote attackers to read arbitrary files via directory traversal sequences in the url parameter.