Upstream information
Description
FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287.SUSE information
Overall state of this security issue: Does not affect SUSE products
No SUSE Bugzilla entries cross referenced.SUSE Security Advisories:
- TID7015566, published Sat May 19 21:49:02 CEST 2018
SUSE Timeline for this CVE
CVE page created: Wed Aug 27 21:29:56 2014CVE page last modified: Tue Jul 1 12:22:13 2025