The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, which allows remote malicious users to read arbitrary files from the client by specifying the full pathname for the file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
napster knapster napster |