EUVD-2014-0660

Malware in sbrugna...

EUVD-2014-0661

Malware in sbrugna...

CVE-2013-0939

EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allow remote attackers to obtain sensitive information via vectors involving cross-origin frame navigation, related to a "Cross Frame Scripting"...

CVE-2016-8213

EMC Documentum WebTop Version 6.8, prior to P18 and Version 6.8.1, prior to P06; and EMC Documentum TaskSpace version 6.7SP3, prior to P02; and EMC Documentum Capital Projects Version 1.9, prior to P30 and Version 1.10, prior to P17; and EMC Documentum Administrator Version 7.0, Version 7.1, and...

CVE-2016-8213

EMC Documentum WebTop Version 6.8, prior to P18 and Version 6.8.1, prior to P06; and EMC Documentum TaskSpace version 6.7SP3, prior to P02; and EMC Documentum Capital Projects Version 1.9, prior to P30 and Version 1.10, prior to P17; and EMC Documentum Administrator Version 7.0, Version 7.1, and...

CVE-2016-8213

CVE-2016-8213 affects EMC Documentum products: WebTop 6.8 (before P18) and 6.8.1 (before P06); TaskSpace 6.7SP3 (before P02); Capital Projects 1.9 (before P30) and 1.10 (before P17); and Administrator 7.0, 7.1, and 7.2 (before P18). The vulnerability is a Stored Cross-Site Scripting (XSS) issue t...

CVE-2016-0914

EMC Documentum WebTop 6.8 before Patch 13 and 6.8.1 before Patch 02, Documentum Administrator 7.x before 7.2 Patch 13, Documentum Capital Projects 1.9 before Patch 23 and 1.10 before Patch 10, and Documentum TaskSpace 6.7 SP3 allow remote authenticated users to bypass intended access restrictions...

Design/Logic Flaw

EMC Documentum WebTop 6.8 before Patch 13 and 6.8.1 before Patch 02, Documentum Administrator 7.x before 7.2 Patch 13, Documentum Capital Projects 1.9 before Patch 23 and 1.10 before Patch 10, and Documentum TaskSpace 6.7 SP3 allow remote authenticated users to bypass intended access restrictions...

CVE-2016-0914

EMC Documentum WebTop and related components are affected by CVE-2016-0914. The vulnerability allows remote authenticated users to bypass intended access restrictions and execute arbitrary IAPI/IDQL commands via the IAPI/IDQL interface. Affected products/versions and patches (as described): WebTo...

ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities

ESA-2014-073.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities EMC Identifier: ESA-2014-073 CVE Identifier: CVE-2014-2518 Severity Rating: CVSS v2 Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P Affected products: • EMC...

EMC Documentum TaskSpace security vulnerabilities

Privilege escalation, information leakage...

ESA-2014-012: EMC Documentum TaskSpace Multiple Vulnerabilities

ESA-2014-012.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-012: EMC Documentum TaskSpace Multiple Vulnerabilities EMC Identifier: ESA-2014-012 CVE Identifier: CVE-2014-0629, CVE-2014-0630 Severity Rating: CVSS v2 Base Score: See below for individual scores Affected Products: Document...

EMC Documentum TaskSpace信息泄漏漏洞

Bugtraq ID:65991 CVE ID:CVE-2014-0630 EMC Documentum是一款企业文档和图像管理工具，使文档的创建、修改、跟踪和在业务过程中的利用变得高效、规范和严谨。 EMC Documentum TaskSpace服务器不正确过滤用户提交的输入，允许远程攻击者利用漏洞修改图像服务URL，获取敏感内容。 0 EMC Documentum TaskSpace TSP 6.7SP1 EMC Documentum TaskSpace TSP 6.7SP2 厂商补丁： HostBill ----- HostBill...

EMC Documentum TaskSpace远程权限提升漏洞

Bugtraq ID:65990 CVE ID:CVE-2014-0629 EMC Documentum是一款企业文档和图像管理工具，使文档的创建、修改、跟踪和在业务过程中的利用变得高效、规范和严谨。 把dmworld group用户提交到dmsuperusersdynamic组时存在安全漏洞，允许非特权TSP用户获取敏感特权信息。 0 EMC Documentum TaskSpace TSP 6.7SP1 EMC Documentum TaskSpace TSP 6.7SP2 厂商补丁： EMC ----- EMC Documentum TaskSpace 6.7 SP1 P25和6....

CVE-2014-0629

EMC Documentum TaskSpace TSP 6.7SP1 before P25 and 6.7SP2 before P11 does not properly handle the interaction between the dmworld group and the dmsuperusersdynamic group, which allows remote authenticated users to obtain sensitive information and gain privileges in opportunistic circumstances by...

CVE-2014-0630

EMC Documentum TaskSpace TSP 6.7SP1 before P25 and 6.7SP2 before P11 allows remote authenticated users to read arbitrary files via a modified imaging-service URL...

Information disclosure

EMC Documentum TaskSpace TSP 6.7SP1 before P25 and 6.7SP2 before P11 does not properly handle the interaction between the dmworld group and the dmsuperusersdynamic group, which allows remote authenticated users to obtain sensitive information and gain privileges in opportunistic circumstances by...

Code injection

EMC Documentum TaskSpace TSP 6.7SP1 before P25 and 6.7SP2 before P11 allows remote authenticated users to read arbitrary files via a modified imaging-service URL...

CVE-2014-0630

CVE-2014-0630 affects EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11. The issue allows remote authenticated users to retrieve arbitrary files by modifying the imaging-service URL used to stream content, indicating a failure in input/url validation within the imaging servic...

CVE-2014-0630

EMC Documentum TaskSpace TSP 6.7SP1 before P25 and 6.7SP2 before P11 allows remote authenticated users to read arbitrary files via a modified imaging-service URL...