VYPR
Unrated severityNVD Advisory· Published Aug 28, 2007· Updated Jun 16, 2026

CVE-2007-3846

CVE-2007-3846

Description

Directory traversal vulnerability in Subversion before 1.4.5, as used by TortoiseSVN before 1.4.5 and possibly other products, when run on Windows-based systems, allows remote authenticated users to overwrite and create arbitrary files via a ..\ (dot dot backslash) sequence in the filename, as stored in the file repository.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • cpe:2.3:a:subversion:subversion:*:*:windows:*:*:*:*:*+ 1 more
    • cpe:2.3:a:subversion:subversion:*:*:windows:*:*:*:*:*range: <=1.4.4
    • (no CPE)range: <1.4.5
  • cpe:2.3:a:tortoisesvn:tortoisesvn:*:*:windows:*:*:*:*:*+ 1 more
    • cpe:2.3:a:tortoisesvn:tortoisesvn:*:*:windows:*:*:*:*:*range: <=1.4.4
    • (no CPE)range: <1.4.5

Patches

Vulnerability mechanics

References

13

News mentions

0

No linked articles in our index yet.