WinImage 8.0/8.10 - File Handling Traversal Arbitrary File Overwrite

2014-07-01T00:00:00
ID SSV:83964
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/25687/info

WinImage is prone to a denial-of-service vulnerability and a directory-traversal vulnerability because the application fails to adequately sanitize user-supplied input.

Attackers can exploit these issues to cause a denial of service or to write malicious files to arbitrary directories.

WinImage 8.0 and 8.10 are vulnerable; other versions may also be affected. 

readme.txt/../../../../../../../../sth.bat
readme.txt<40 spaces here>/../../../../../../../../asdf.exe