Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0410

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-0410
Last Modified 01 Apr 2013 11:14:55
Published 05 Jul 2012 10:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-0410

Summary

Directory traversal vulnerability in WebAccess in Novell GroupWise before 8.03 allows remote attackers to read arbitrary files via the User.interface parameter.

Vulnerable Systems

Application

  • Novell Groupwise 5.2

  • Novell Groupwise 5.5

  • Novell Groupwise 5.57e

  • Novell Groupwise 6.0

  • Novell Groupwise 6.0.1

  • Novell Groupwise 6.5

  • Novell Groupwise 6.5.2

  • Novell Groupwise 6.5.3

  • Novell Groupwise 6.5.4

  • Novell Groupwise 6.5.6

  • Novell Groupwise 6.5.7

  • Novell Groupwise 7.0

  • Novell Groupwise 7.0.3

  • Novell Groupwise 7.0.4

  • Novell Groupwise 7.01

  • Novell Groupwise 7.02

  • Novell Groupwise 7.03

  • Novell Groupwise 8.0

  • Novell Groupwise 8.00

  • Novell Groupwise 8.01

  • Novell Groupwise 8.02


References

CONFIRM - https://bugzilla.novell.com/show_bug.cgi?id=712163

CONFIRM - http://www.novell.com/support/kb/doc.php?id=7000708

SECTRACK - 1027217


Last Updated: 27 May 2016 10:54:50