MiniWeb (http://sourceforge.net/projects/miniweb) is "a mini HTTP server implementation written in C language, featuring low system resource consumption, high efficiency, good flexibility and high portability". Two vulnerabilities have been discovered in MiniWeb, these allow a remote attacker to either cause the product to execute arbitrary code through the overflowing of an internal buffer, to access files that reside outside the bounding HTML root directory via a directory traversal vulnerability.

http://www.securiteam.com/windowsntfocus/5IP0M0AN5E.html