2006-03-14 00:00:00
mitre
PUBLISHED
unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." (dot dot) sequences in a filename.