CVE-2007-2012

Name of the Vulnerable Software and Affected Versions MimarSinan CompreXX version 4.1

Description The issue concerns multiple directory traversal vulnerabilities. These vulnerabilities allow remote attackers to create files in arbitrary directories by including a .. (dot dot) in a .rar, .jar, or .zip archive.

Recommendations For MimarSinan CompreXX version 4.1, consider restricting the handling of .rar, .jar, and .zip archives to prevent directory traversal attacks until a patch is available. Avoid using the archive handling functionality in sensitive environments until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.