CVE-2012-0398
https://notcve.org/view.php?id=CVE-2012-0398
EMC Documentum eRoom before 7.4.4 does not properly validate session cookies, which allows remote attackers to hijack or replay sessions via unspecified vectors. • http://archives.neohapsis.com/archives/bugtraq/2012-03/0057.html • CWE-264: Permissions, Privileges, and Access Controls
CVE-2012-0404
https://notcve.org/view.php?id=CVE-2012-0404
Cross-site scripting (XSS) vulnerability in EMC Documentum eRoom before 7.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. • http://archives.neohapsis.com/archives/bugtraq/2012-03/0057.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2012-0396
https://notcve.org/view.php?id=CVE-2012-0396
EMC Documentum xPlore 1.0, 1.1 before P07, and 1.2 does not properly enforce the requirement for BROWSE permission, which allows remote authenticated users to determine the existence of an object, or read object metadata, via a search. • http://archives.neohapsis.com/archives/bugtraq/2012-02/0020.html http://secunia.com/advisories/47920 http://securitytracker.com/id?1026639 http://www.securityfocus.com/bid/51863 https://exchange.xforce.ibmcloud.com/vulnerabilities/72994 • CWE-264: Permissions, Privileges, and Access Controls
CVE-2011-4144 – EMC Documentum Content Server Privilege Escalation
https://notcve.org/view.php?id=CVE-2011-4144
Unspecified vulnerability in EMC Documentum Content Server 6.0, 6.5 before SP2 P02, 6.5 SP3 before SP3 P02, and 6.6 before P02 allows local users to obtain "highest super user privileges" by leveraging system administrator privileges. EMC Documentum Content Server suffers from a privilege escalation vulnerability. • http://archives.neohapsis.com/archives/bugtraq/2012-02/0005.html
CVE-2012-0395 – EMC Networker indexd.exe Opcode 0x01 Parsing Remote Code Execution
https://notcve.org/view.php?id=CVE-2012-0395
Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC NetWorker. Authentication is not required to exploit this vulnerability. The specific flaw exists in the way indexd.exe handles RPC calls with opcode 0x1 for program 0x0005F3D9. While processing this message, a user-supplied string is copied into a fixed-size stack buffer. • http://www.securityfocus.com/archive/1/521374 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer