7 matches found
EMC Documentum Content Server: arbitrary code execution (incomplete fix in CVE-2015-4532)
Product: EMC Documentum Content Server Vendor: EMC Version: ANY CVE: N/A Risk: High Status: public/not fixed For detailed description see http://seclists.org/bugtraq/2015/Jul/51 New behavior introduced in CVE-2015-4532: API ?,c,execute domethod WITH METHOD='dmbptransition', ARGUMENTS=' repo repo...
ESA-2015-131: EMC Documentum Content Server Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-131: EMC Documentum Content Server Multiple Vulnerabilities EMC Identifier: ESA-2015-131 CVE Identifier: CVE-2015-4531, CVE-2015-4532, CVE-2015-4533, CVE-2015-4534, CVE-2015-4535, CVE-2015-4536 Severity Rating: CVSS v2 Base Score: See below f...
CVE-2015-4532
EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02 does not properly check authorization and does not properly restrict object types, which allows remote authenticated users to run save RPC commands with super-user privileges, an...
CVE-2015-4532
CVE-2015-4532 affects EMC Documentum Content Server prior to specific service packs/patch levels (6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, 7.2 before P02). The root cause is insufficient authorization checks and lack of proper restriction of object types, enabling remote aut...
EMC Documentum Content Server Code Execution Vulnerability
EMC Documentum Content Server suffers from an arbitrary code execution vulnerability. Product: EMC Documentum Content Server Vendor: EMC Version: ANY CVE: N/A Risk: High Status: public/not fixed For detailed description see http://seclists.org/bugtraq/2015/Jul/51 New behavior introduced in...
EMC Documentum Content Server Multiple Vulnerabilities (ESA-2015-131)
The version of EMC Documentum Content Server running on the remote host is affected by multiple vulnerabilities : - A privilege escalation vulnerability exists due to improper authorization checks performed on subgroups within the dmsuperusers group. An authenticated, remote attacker can exploit...
EMC Documentum Content Server Code Execution
Product: EMC Documentum Content Server Vendor: EMC Version: ANY CVE: N/A Risk: High Status: public/not fixed For detailed description see http://seclists.org/bugtraq/2015/Jul/51 New behavior introduced in CVE-2015-4532: API ?,c,execute domethod WITH METHOD='dmbptransition', ARGUMENTS=' repo repo...