CVE-2010-3743

Name of the Vulnerable Software and Affected Versions Visual Synapse HTTP Server versions 0.60 and earlier, 1.0 RC1 through RC3

Description A directory traversal issue allows remote attackers to read arbitrary files by including a .. (dot dot) in the URI. This could potentially expose sensitive information.

Recommendations For versions 0.60 and earlier, and 1.0 RC1 through RC3, consider restricting access to sensitive files and directories until a patch is available. As a temporary workaround, consider disabling the ability to access files using the .. (dot dot) notation in the URI until a fix is released.