CVE-2013-3275

EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly restrict use of FRAME elements, which makes it easier for remote attackers to obtain sensitive information via a crafted web site, related to "cross frame scripting vulnerabilitie...

CVE-2013-3274

EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly determine authorization for calls to Java RMI methods, which allows remote authenticated users to execute arbitrary code via unspecified vectors...

CVE-2013-3274

EMC Avamar Server and Avamar Virtual Edition before version 7.0 on Data Store Gen3, Gen4, and Gen4s hardware are affected by CVE-2013-3274 due to improper authorization checks on Java RMI calls. This potentially allows remote authenticated users to execute arbitrary code via unspecified vectors. ...

CVE-2013-3275

EMC Avamar Server and Avamar Virtual Edition prior to v7.0 on Data Store Gen3, Gen4, or Gen4s platforms are affected by cross frame scripting vulnerabilities (CVE-2013-3275). The web interface does not properly restrict FRAME elements, which can allow a crafted remote site to monitor input and ex...