CVE-2013-4510 Information

Description

Directory traversal vulnerability in the client in Tryton 3.0.0 as distributed before 20131104 and earlier allows remote servers to write arbitrary files via path separators in the extension of a report.

Reference

http://hg.tryton.org/tryton/rev/357d0a4d9cb8 http://www.debian.org/security/2013/dsa-2791 http://www.openwall.com/lists/oss-security/2013/11/04/21 http://www.tryton.org/posts/security-release-for-issue3446.html https://bugs.tryton.org/issue3446