Launchpad.net

CVE 2003-0282

Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.

See the CVE page on Mitre.org for more details.