VULHUB ™

BSCW (Basic Support for Cooperative Work) enables collaboration over the Web. BSCW is a 'shared workspace' system which supports document upload, event notification, group management and much more. A vulnerability exists in BSCW that may allow users to view arbitrary files on a system. When users view extracted files in their "data-bag", BSCW will follow symbolic links. A malicious user may be able to exploit this problem to view any file on a system accessible by the user id under which BSCW runs.

BSCW (Basic Support for Cooperative Work) enables collaboration over the Web. BSCW is a 'shared workspace' system which supports document upload, event notification, group management and much more. A vulnerability exists in BSCW that may allow users to view arbitrary files on a system. When users view extracted files in their "data-bag", BSCW will follow symbolic links. A malicious user may be able to exploit this problem to view any file on a system accessible by the user id under which BSCW runs.