2 matches found
Directory traversal
Directory traversal vulnerability in the Notes aka Flash Notes or instant messages feature in tb2ftp.dll in Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, allows remote attackers to upload files to arbitrary locations via a destination filename with a \ backslash character followe...
CVE-2008-1117
CVE-2008-1117 describes a directory traversal/file upload vulnerability in Timbuktu Pro 8.6.5 for Windows (tb2ftp.dll) with possible impact on Mac OS X 8.7. An attacker can upload a file to an arbitrary location by crafting a destination filename that uses a backslash followed by "../" sequences,...