CVE-2012-2276
EMC IRM License Server 4.6.1.1995 - Denial of Service
Severity Score
7.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via input data that (1) lacks FIPS fields or (2) has an invalid version number.
El servidor de IRM en EMC EMC Documentum Information Rights Management v4.x anterior a v4.7.0100 y v5.x anterior a v5.0.1030, permite a atacantes remotos provocar una denegación de servicio (eliminar la referencia del puntero NULL y caída demonio) a través de los datos de entrada (1) que carece de FIPS campos o (2) tiene un número de versión no válido.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-04-12 First Exploit
- 2012-04-19 CVE Reserved
- 2012-05-11 CVE Published
- 2024-06-02 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://aluigi.org/adv/irm_1-adv.txt | X_refsource_misc | |
| http://secunia.com/advisories/48690 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/522682 | Mailing List | |
| http://www.securityfocus.com/bid/53475 | Vdb Entry | |
| http://www.securitytracker.com/id?1027058 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/75553 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/18734 | 2012-04-12 | |
| http://www.exploit-db.com/exploits/18734 | 2024-08-06 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Emc Search vendor "Emc" | Documentum Information Rights Management Search vendor "Emc" for product "Documentum Information Rights Management" | 4 Search vendor "Emc" for product "Documentum Information Rights Management" and version "4" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Documentum Information Rights Management Search vendor "Emc" for product "Documentum Information Rights Management" | 5 Search vendor "Emc" for product "Documentum Information Rights Management" and version "5" | - |
Affected
| ||||||