CVE-2008-1564

Directory traversal vulnerability in Dan Costin File Transfer before 1.2f allows remote attackers to read arbitrary files via a ".." (dot dot backslash) in the filename.