Lucene search
HistoryNov 09, 2011 - 11:55 p.m.
CVE-2011-2739
8.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
7.3 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
70.7%
The file-blocking feature in EMC Documentum eRoom 7.3.x and 7.4.x before 7.4.3.g does not properly restrict the uploading and opening of files with dangerous file types, which allows remote authenticated users to execute arbitrary code via an uploaded file.
Affected configurations
Node
emcdocumentum_eroomMatch7.3.0
ORemcdocumentum_eroomMatch7.4.1
ORemcdocumentum_eroomMatch7.4.2
ORemcdocumentum_eroomMatch7.4.3
Related
securityvulns
securityvulns
EMC Documentum eRoom protection bypass
2011-11-04 00:00:00
ESA-2011-032: EMC Documentum eRoom arbitrary file upload vulnerability.
2011-11-04 00:00:00
cvelist
cvelist
CVE-2011-2739
2011-11-09 23:00:00
prion
prion
Design/Logic Flaw
2011-11-09 23:55:00
cve
cve
CVE-2011-2739
2011-11-09 23:55:01
8.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
7.3 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
70.7%
Related for NVD:CVE-2011-2739