Arbitrary File Creation Vulnerability in Dzip before 2.9

Arbitrary File Creation Vulnerability in Dzip before 2.9

CVE-2005-1874 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Directory traversal vulnerability in Dzip before 2.9 allows remote attackers to create arbitrary files via a filename containing a .. (dot dot) in a .dz archive.

Learn more about our Web Application Penetration Testing UK.