CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-0600

FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.057

EPSS Ranking 89.9%

CVSS Severity

CVSS v2 Score 7.8

References

http://www.novell.com/support/kb/doc.php?id=7015566
http://www.securitytracker.com/id/1030801
http://www.zerodayinitiative.com/advisories/ZDI-14-296/
https://bugzilla.novell.com/show_bug.cgi?id=879192
http://www.novell.com/support/kb/doc.php?id=7015566
http://www.securitytracker.com/id/1030801
http://www.zerodayinitiative.com/advisories/ZDI-14-296/
https://bugzilla.novell.com/show_bug.cgi?id=879192

Products affected by CVE-2014-0600

Novell » Groupwise » Version: 2014

cpe:2.3:a:novell:groupwise:2014

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-0600

Products

Pricing

Contact Us