Arbitrary File Write Vulnerability in NeoAxis NeoAxis Web Player

Arbitrary File Write Vulnerability in NeoAxis NeoAxis Web Player

CVE-2012-0907 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:P

Directory traversal vulnerability in the web player in NeoAxis NeoAxis web player 1.4 and earlier allows user-assisted remote attackers to write arbitrary files via a .. (dot dot) in a filename in the neoaxis_web_application_win32.zip ZIP archive.

Learn more about our Web App Pen Testing.