Directory traversal vulnerability in arCHMage 0.2.4 allows remote malicious users to write to arbitrary files via a .. (dot dot) in a CHM file.
archmage project archmage 0.2.4