FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote malicious users to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
novell groupwise 2014 |