110 matches found
CVE-2016-8213
EMC Documentum WebTop Version 6.8, prior to P18 and Version 6.8.1, prior to P06; and EMC Documentum TaskSpace version 6.7SP3, prior to P02; and EMC Documentum Capital Projects Version 1.9, prior to P30 and Version 1.10, prior to P17; and EMC Documentum Administrator Version 7.0, Version 7.1, and...
HTML Injection Vulnerability in Multiple EMC Products
EMC Documentum WebTop is a suite of products that allow users to access Documentum repositories and content management services in a standard browser application.Documentum Administrator is a set of Web-based development tools for performing Documentum system administration tasks. Documentum...
CVE-2016-0914
EMC Documentum WebTop 6.8 before Patch 13 and 6.8.1 before Patch 02, Documentum Administrator 7.x before 7.2 Patch 13, Documentum Capital Projects 1.9 before Patch 23 and 1.10 before Patch 10, and Documentum TaskSpace 6.7 SP3 allow remote authenticated users to bypass intended access restrictions...
Multiple EMC Product Privilege Bypass Vulnerabilities
EMC Documentum WebTop is a suite of products that allow users to access Documentum repositories and content management services in a standard browser application.Documentum Administrator is a set of Web-based development tools for performing Documentum system administration tasks. Documentum...
CVE-2016-0914
EMC Documentum WebTop and related components are affected by CVE-2016-0914. The vulnerability allows remote authenticated users to bypass intended access restrictions and execute arbitrary IAPI/IDQL commands via the IAPI/IDQL interface. Affected products/versions and patches (as described): WebTo...
CVE-2016-0914
EMC Documentum WebTop 6.8 before Patch 13 and 6.8.1 before Patch 02, Documentum Administrator 7.x before 7.2 Patch 13, Documentum Capital Projects 1.9 before Patch 23 and 1.10 before Patch 10, and Documentum TaskSpace 6.7 SP3 allow remote authenticated users to bypass intended access restrictions...
The vulnerability relates to the EMC Documentum Administrator, a tool for managing electronic document systems; the EMC Documentum Digital Asset Management, a tool for managing multimedia materials within electronic document systems; the EMC Documentum TaskSpace, a tool for accessing the repository of electronic document systems; and the EMC Documentum Web Publisher, a system for managing web projects. The vulnerability also affects the web interface that provides access to the EMC Documentum Webtop repository. This vulnerability allows an attacker to inject arbitrary web scripts or HTML code.
The vulnerability of the EMC Documentum Administrator, a tool for managing electronic document systems, and the EMC Documentum Digital Asset Management tool for managing multimedia materials within electronic document systems, as well as the tools for accessing the EMC Documentum TaskSpace...
The vulnerability of the EMC Documentum electronic document management system allows a hacker to redirect users to any desired website.
The vulnerabilities of the Documentum WebTop, Documentum Administrator, Documentum Digital Assets Manager, Documentum Web Publishers, and Documentum Task Space components of the EMC Documentum electronic document management system are related to the use of open redirection. Exploiting these...
ESA-2015-130: EMC Documentum WebTop and WebTop Clients Cross-Site Request Forgery Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-130: EMC Documentum WebTop and WebTop Clients Cross-Site Request Forgery Vulnerability EMC Identifier: ESA-2015-130 CVE Identifier: CVE-2015-4530 Severity Rating: CVSS v2 Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Affected products: • EMC...
CVE-2015-4530
EMC Documentum CSRF vulnerability CVE-2015-4530 affects WebTop and related components (WebTop, WebTop-based clients; Administrator up to 7.2; DAM 6.5SP6; Web Publishers 6.5SP7; Task Space 6.7SP2). Root cause: incomplete fix for CVE-2014-2518. Impact: attackers can hijack user sessions, performing...
Cross-Site Request Forgery Vulnerability in Multiple EMC Documentum Products
EMC Documentum WebTop is a suite of products that allow users to access Documentum repositories and content management services in a standard browser application.Documentum Administrator is a Web-based development tool used to perform Documentum system management tasks. Documentum Administrator i...
ESA-2015-123: EMC Documentum WebTop Open Redirect Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-123: EMC Documentum WebTop Open Redirect Vulnerability ESA Identifier: ESA-2015-123 CVE Identifier: CVE-2015-4529 Severity Rating: CVSS v2 Base Score: 6.4 AV:N/AC:L/Au:N/C:P/I:P/A:N Affected products: • EMC Documentum WebTop versions 6.8 and...
EMC Documentum WebTop Open Redirect Vulnerability
EMC Documentum WebTop is a document management service. An open redirection vulnerability exists in the EMC Documentum WebTop WEB interface, which allows an attacker to construct a malicious URI, trick the user into parsing it, and redirect the user to an arbitrary WEB site for phishing attacks...
CVE-2015-4529
Open redirect vulnerability in EMC Documentum WebTop before 6.8P02, Documentum Administrator before 7.2P01, Documentum Digital Assets Manager through 6.5SP6, Documentum Web Publishers through 6.5SP7, and Documentum Task Space through 6.7SP2 allows remote attackers to redirect users to arbitrary w...
ESA-2015-111: EMC Documentum WebTop Client Products Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-111: EMC Documentum WebTop Client Products Multiple Vulnerabilities CVE Identifier: CVE-2015-0551, CVE-2015-4524 Severity Rating: CVSS v2 Base Score: See below for CVSSv2 scores for individual CVEs Affected products: • EMC Documentum WebTop,...
Unrestricted file upload
Unrestricted file upload vulnerability in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before P25;...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before...
CVE-2015-0551
Multiple cross-site scripting XSS vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before...
CVE-2015-4524
CVE-2015-4524: Unrestricted file upload in EMC Documentum WebTop family enables remote authenticated users to upload arbitrary files to the backend Content Server, potentially executing code. Affected products and versions include WebTop 6.7SP1 before P31, 6.7SP2 before P23, 6.8 before P01; Docum...
CVE-2015-0551
EMC Documentum WebTop and client products contain multiple cross-site scripting (XSS) vulnerabilities (CVE-2015-0551) allowing remote authenticated users to inject arbitrary HTML/script via unspecified vectors. Affected products include WebTop 6.7SP1/6.7SP2/6.8 and client components: Documentum A...