BitsCast 0.13.0 allows remote attackers to cause a denial of service (application crash) via an RSS 2.0 feed item with certain invalid strings in a pubDate element, as demonstrated by repeated "../A" or "A/../" patterns.Referenceshttp://osvdb.org/39767https://www.exploit-db.com/exploits/3929https://exchange.xforce.ibmcloud.com/vulnerabilities/34344http://www.securityfocus.com/bid/23993
