CVE-2014-0600

Publication date

2014-08-29 10:00:00

Family

mitre

State

PUBLISHED

Description

FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287.