CVE-2013-1627

Publication date

2013-03-11 17:00:00

Family

icscert

State

PUBLISHED

Description

Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.