10 lines
No EOL
530 B
Text
10 lines
No EOL
530 B
Text
source: http://www.securityfocus.com/bid/25687/info
|
|
|
|
WinImage is prone to a denial-of-service vulnerability and a directory-traversal vulnerability because the application fails to adequately sanitize user-supplied input.
|
|
|
|
Attackers can exploit these issues to cause a denial of service or to write malicious files to arbitrary directories.
|
|
|
|
WinImage 8.0 and 8.10 are vulnerable; other versions may also be affected.
|
|
|
|
readme.txt/../../../../../../../../sth.bat
|
|
readme.txt<40 spaces here>/../../../../../../../../asdf.exe |