CVE-2006-2520
CVE-2006-2520 affects BitZipper (versions up to and including 4.1.2 SR-1). The flaw is a directory traversal in archive handling: a filename within a stored archive (RAR, TAR, ZIP, GZ, JAR) can contain a .. sequence, enabling an attacker to create files in arbitrary directories on the host. This ...