Multiple directory traversal vulnerabilities in MimarSinan CompreXX 4.1 allow remote attackers to create files in arbitrary directories via a .. (dot dot) in a (1) .rar, (2) .jar or (3) .zip archive.
https://exchange.xforce.ibmcloud.com/vulnerabilities/33551
http://www.vupen.com/english/advisories/2007/1312
http://www.securityfocus.com/bid/23362
http://www.bugtraq.ir/articles/advisory/comprexx_directory_traversal/7