Lucene search
HistoryNov 09, 2011 - 11:55 p.m.
CVE-2011-2739
emc
documentum
eroom
file-blocking
security
cve-2011-2739
8.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
7.5 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.7%
The file-blocking feature in EMC Documentum eRoom 7.3.x and 7.4.x before 7.4.3.g does not properly restrict the uploading and opening of files with dangerous file types, which allows remote authenticated users to execute arbitrary code via an uploaded file.
Affected configurations
Node
emcdocumentum_eroomMatch7.3.0
ORemcdocumentum_eroomMatch7.4.1
ORemcdocumentum_eroomMatch7.4.2
ORemcdocumentum_eroomMatch7.4.3
Related
cvelist
cvelist
CVE-2011-2739
2011-11-09 23:00:00
securityvulns
securityvulns
EMC Documentum eRoom protection bypass
2011-11-04 00:00:00
ESA-2011-032: EMC Documentum eRoom arbitrary file upload vulnerability.
2011-11-04 00:00:00
prion
prion
Design/Logic Flaw
2011-11-09 23:55:00
nvd
nvd
CVE-2011-2739
2011-11-09 23:55:01
8.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
7.5 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.7%
Related for CVE-2011-2739