The software contains protection mechanisms to restrict access to 'realdir/filename', but it constructs pathnames using external input in the form of 'fakedir/../realdir/filename' that are not handled by those mechanisms. This allows attackers to perform unauthorized actions against the targeted file.
Time of Introduction
Implementation
Applicable Platforms
Languages
All
Common Consequences
Scope
Effect
Confidentiality
Integrity
Technical Impact: Read files or
directories; Modify files or
directories
This is a manipulation that uses an injection for one consequence
(containment violation using relative path) to achieve a different
consequence (equivalence by alternate name).