CVE-2017-5586 – OpenText Documentum D2 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2017-5586
OpenText Documentum D2 (formerly EMC Documentum D2) 4.x allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the BeanShell (bsh) and Apache Commons Collections (ACC) libraries. OpenText Documentum D2 (anteriormente EMC Documentum D2) 4.x permite a atacantes remotos ejecutar comandos arbitrarios a través de un objeto Java serializado manipulado, relacionado con las librerías BeanShell (bsh) y Apache Commons Collections (ACC). OpenText Documentum D2 version 4.x contains vulnerable BeanShell (bsh) and Apache Commons libraries and accepts serialized data from untrusted sources, which leads to remote code execution. • https://www.exploit-db.com/exploits/41366 http://packetstormsecurity.com/files/141105/OpenText-Documentum-D2-4.x-Remote-Code-Execution.html http://www.securityfocus.com/bid/96216 • CWE-20: Improper Input Validation •
CVE-2016-6644
https://notcve.org/view.php?id=CVE-2016-6644
EMC Documentum D2 4.5 before patch 15 and 4.6 before patch 03 allows remote attackers to read arbitrary Docbase documents by leveraging knowledge of an r_object_id value. EMC Documentum D2 4.5 en versiones anteriores a patch 15 y 4.6 en versiones anteriores a patch 03 permite a atacantes remotos leer documentos Docbase arbitrarios aprovechando el conocimiento de un valor r_object_id. • http://seclists.org/bugtraq/2016/Sep/18 http://www.securityfocus.com/bid/92906 http://www.securitytracker.com/id/1036796 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-264: Permissions, Privileges, and Access Controls •
CVE-2016-0888
https://notcve.org/view.php?id=CVE-2016-0888
EMC Documentum D2 before 4.6 lacks intended ACLs for configuration objects, which allows remote authenticated users to modify objects via unspecified vectors. EMC Documentum D2 en versiones anteriores a 4.6 carece de ACLs destinadas a objetos de configuración, lo que permite a usuarios remotos autenticados modificar objetos a través de vectores no especificados. • http://seclists.org/bugtraq/2016/Apr/20 http://www.securitytracker.com/id/1035459 •
CVE-2015-4537
https://notcve.org/view.php?id=CVE-2015-4537
Lockbox in EMC Documentum D2 before 4.5 uses a hardcoded passphrase when a server lacks a D2.Lockbox file, which makes it easier for remote authenticated users to decrypt admin tickets by locating this passphrase in a decompiled D2 JAR archive. Vulnerabilidad en Lockbox en EMC Documentum D2 anterior a 4.5, utiliza una frase de acceso embebida cuando a un servidor le falta el fichero D2.Lockbox, lo que hace que sea más fácil para los usuarios remotos autenticados descifrar tickets de administración mediante la localización de esta frase de acceso en un archivo D2 JAR descompilado. • http://seclists.org/bugtraq/2015/Aug/117 http://www.securitytracker.com/id/1033345 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-0547
https://notcve.org/view.php?id=CVE-2015-0547
The D2CenterstageService.getComments service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 and 4.5 before P03 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended read-access restrictions via unspecified vectors. El método de servicio D2CenterstageService.getComments en EMC Documentum D2 4.1 y 4.2 anterior a 4.2 P16 y 4.5 anterior a P03 permite a usuarios remotos autenticados realizar ataques de inyección Documentum Query Language (DQL) y evadir las restricciones de acceso a lectura a través de vectores no especificados. • http://seclists.org/bugtraq/2015/Jul/10 http://www.securitytracker.com/id/1032769 • CWE-20: Improper Input Validation •