5 matches found
EUVD-2015-0561
Malware in sbrugna...
CVE-2015-0548
The D2DownloadService.getDownloadUrls service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language DQL injection attacks and bypass intended read-access restrictions via unspecified vectors...
Design/Logic Flaw
The D2DownloadService.getDownloadUrls service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language DQL injection attacks and bypass intended read-access restrictions via unspecified vectors...
CVE-2015-0548
The D2DownloadService.getDownloadUrls service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language DQL injection attacks and bypass intended read-access restrictions via unspecified vectors...
CVE-2015-0548
EMC Documentum D2 contains DQL injection vulnerabilities in D2DownloadService.getDownloadUrls (affecting D2 4.1/4.2 before 4.2 P16 and 4.5 before P03). A remote authenticated attacker can bypass read-access restrictions and disclose database data. Related advisory ESA-2015-108 and vendor/NVD entr...