CVE-2013-5648

Name of the Vulnerable Software and Affected Versions libdigidoc versions 3.6.0.0

Description The issue is related to an absolute path traversal vulnerability in the handleStartDataFile function. This allows remote attackers to overwrite arbitrary files by using a filename that starts with a / (slash) or `` (backslash) in a DDOC file.

Recommendations For libdigidoc version 3.6.0.0, update to version 3.7.2 or later to resolve the issue.