Directory traversal vulnerability in lib/download.php in iTheora 1.0 rc1 allows remote attackers to read arbitrary files via directory traversal sequences in the url parameter.Referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/40506http://secunia.com/advisories/28929http://www.securityfocus.com/bid/27788http://menguy.aymeric.free.fr/theora/news.phphttp://en.wikipedia.org/wiki/Talk:Itheora
