CVE-2013-5648
Affected software: libdigidoc (library) 3.6.0.0 used by ID-software before 3.7.2; component: DigiDocSAXParser.c (handleStartDataFile); vulnerability type: absolute path traversal. Root cause: unvalidated filename beginning with / or \ in a DDOC file allows remote attackers to overwrite arbitrary ...