HTC OBEX FTP Service Directory Traversal Vulnerability

The HTC OBEX FTP service is prone to a directory-traversal vulnerability.

Exploiting this issue allows an attacker to write arbitrary files to locations outside the application's current directory, download arbitrary files, and obtain sensitive information. Other attacks may also be possible.

The issue affects HTC devices running the OBEX FTP service on Windows Mobile 6.0 and 6.1.


 

Privacy Statement
Copyright 2010, SecurityFocus