CVE-2008-7093 Information

Description

Multiple directory traversal vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to (1) create arbitrary directories or files via a .. (dot dot) in the folder name in the new folder functionality or (2) list arbitrary files via a crafted request to Campaign/CampaignListener.

Reference

http://secunia.com/advisories/31280 http://www.osvdb.org/47519 http://www.osvdb.org/47529 http://www.portcullis.co.uk/287.php http://www.portcullis.co.uk/291.php http://www.securityfocus.com/bid/30433 https://exchange.xforce.ibmcloud.com/vulnerabilities/44071 https://exchange.xforce.ibmcloud.com/vulnerabilities/44075