CVE-2013-3598 Information

Description

Directory traversal vulnerability in servlet/CreateTemplateServlet in SearchBlox before 7.5 build 1 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the name parameter.

Reference

http://buddhalabs.com/Advisories/WebAdvisories.html http://osvdb.org/96619 http://www.kb.cert.org/vuls/id/592942 http://www.searchblox.com/developers-2/change-log