CVE-2003-0650

Name of the Vulnerable Software and Affected Versions: GameSpy Arcade versions prior to 1.3e

Description: A directory traversal issue in GSAPAK.EXE allows remote attackers to overwrite arbitrary files and execute arbitrary code via .. (dot dot) sequences in filenames in a .APK (Zip) file.

Recommendations: For versions prior to 1.3e, update to version 1.3e or later to resolve the issue. As a temporary workaround, consider restricting the execution of GSAPAK.EXE or limiting its access to trusted .APK files until the update is applied.