Directory traversal in KCS_OPEN_PROFILE may be exploited via ToolTalk.
vulners.com/securityvulns/securityvulns:doc:4002