Multiple ManageEngine Products CVE-2014-5006 Arbitrary File Upload Vulnerability

Bugtraq ID:	69493
Class:	Input Validation Error
CVE:	CVE-2014-5006
Remote:	Yes
Local:	No
Published:	Aug 31 2014 12:00AM
Updated:	Aug 31 2014 12:00AM
Credit:	Pedro Ribeiro
Vulnerable:	ZOHO Corporation ManageEngine MSPCentral 9 ZOHO Corporation ManageEngine DesktopCentral 8.0 build 80293 ZOHO Corporation ManageEngine DesktopCentral 8.0 build 80286 ZOHO Corporation ManageEngine DesktopCentral 9 build 90054 ZOHO Corporation ManageEngine DesktopCentral 8 ZOHO Corporation ManageEngine DesktopCentral 7
Not Vulnerable:	ZOHO Corporation ManageEngine DesktopCentral 9 build 90055

Multiple ManageEngine Products CVE-2014-5006 Arbitrary File Upload Vulnerability

Solution:
Reportedly, the issue is fixed; however, Symantec has not confirmed this. Please contact the vendor for more information.