MidnightBSD

Advisories for neoaxis

CVE-2012-0907 MEDIUM

Directory traversal vulnerability in the web player in NeoAxis NeoAxis web player 1.4 and earlier allows user-assisted remote attackers to write arbitrary files via a .. (dot dot) in a filename in the neoaxis_web_application_win32.zip ZIP archive.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
neoaxis neoaxis_web_player *
neoaxis neoaxis_web_player 1.2
neoaxis neoaxis_web_player 1.1
neoaxis neoaxis_web_player 1.3