CVE-2010-2104

2010-05-27T22:30:00
ID CVE-2010-2104
Type cve
Reporter cve@mitre.org
Modified 2018-10-10T19:58:00

Description

Directory traversal vulnerability in Orbit Downloader 3.0.0.4 and 3.0.0.5 allows user-assisted remote attackers to write arbitrary files via a metalink file containing directory traversal sequences in the name attribute of a file element.