Directory Traversal Vulnerability in Novell GroupWise by Novell
CVE-2012-0410

Currently unrated

Key Information:

Vendor: Novell
Status: Groupwise
Vendor: CVE Published:; 5 July 2012

What is CVE-2012-0410?

A directory traversal vulnerability exists in the WebAccess component of Novell GroupWise prior to version 8.03. This flaw enables remote attackers to exploit the User.interface parameter to access and read arbitrary files on the server. Such unauthorized file access can lead to sensitive information disclosure, allowing attackers to compromise system integrity and user privacy. Organizations using affected versions of GroupWise should prioritize applying updates to mitigate the risks associated with this vulnerability.

References

http://www.securitytracker.com/id?1027217

vdb-entryx_refsource_SECTRACK

https://bugzilla.novell.com/show_bug.cgi?id=712163

x_refsource_CONFIRM

http://www.novell.com/support/kb/doc.php?id=7000708

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 5, 2012
Vulnerability Reserved
Jan 9, 2012