The vulnerability of the EPUB validator FlightCrew, related to insufficient validation of input data, allows a perpetrator to write arbitrary files.

The vulnerability of the EPUB validator FlightCrew is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to write arbitrary files into any directory within a Zip archive...

PT-2019-5201 · Flightcrew +1 · Flightcrew +1

Name of the Vulnerable Software and Affected Versions: FlightCrew versions 0.9.2 and older Description: The issue is related to insufficient input validation in the EPUB validator, allowing attackers to write arbitrary files via a ../ dot dot slash in a ZIP archive entry that is mishandled during...