7 matches found
EUVD-2015-4553
Malware in sbrugna...
Sql injection
OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the dmbptransition docbase method with a user-created dmprocedure object,...
CVE-2017-7221
OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the dmbptransition docbase method with a user-created dmprocedure object,...
Authorization
EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02 does not properly check authorization after creation of an object, which allows remote authenticated users to execute arbitrary code with super-user privileges via a custom scrip...
EMC Documentum Content Server Multiple Vulnerabilities (ESA-2014-064)
The remote host is running a version of EMC Documentum Content Server that is affected by multiple vulnerabilities : - A remote code execution vulnerability exists due to improper authorization checks. A remote, authenticated attacker can exploit this vulnerability to execute arbitrary code via a...
ESA-2014-064: EMC Documentum Content Server Privilege Escalation Vulnerabilities
ESA-2014-064.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-064: EMC Documentum Content Server Privilege Escalation Vulnerabilities EMC Identifier: ESA-2014-064 CVE Identifier: CVE-2014-2513, CVE-2014-2514 Severity Rating: CVSS v2 Base Score: Refer below for scores for each CVE...
CVE-2014-2513
OpenText/OpenText Documentum Content Server is affected (EMC Documentum Content Server) prior to versions 6.7 SP1 P28, 6.7 SP2 before P15, 7.0 before P15, and 7.1 before P06. The root cause is an inadequate authorization check in the dm_bp_transition docbase method, allowing remote authenticated ...