Directory traversal vulnerability in FastStone 4in1 Browser 1.2 allows remote attackers to read arbitrary files via a (1) ... (triple dot) or (2) ..\ (dot dot backslash) in the URL.
https://exchange.xforce.ibmcloud.com/vulnerabilities/19900
http://www.securityfocus.com/bid/12937
http://www.autistici.org/fdonato/advisory/FastStone4in1Browser1.2-adv.txt
http://securitytracker.com/id?1013596