Fix directory traversal issue (CVE-2011-2725).
Tim Brown from Nth Dimension noticed a possible traversal issue where the previewer dialog would show (and then remove) the wrong file when a maliciously crafted archive had a file previewed. We now do the same thing as infozip and filter out "../" from the paths being previewed.
parent
472c672c
Please register or sign in to comment