CVE-2012-2277
EMC IRM License Server 4.6.1.1995 - Denial of Service
Severity Score
7.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (pvcontrol.exe process hang) via
(line feed) characters in the Id fields of many "batch begin untethered" commands.
El Server IRM en EMC Documentum Information Rights Management v4.x anterior a v4.7.0100 y v5.x anterior a v5.0.1030, permite a atacantes remotos provocar una denegación de servicio (cuelgue del proceso pvcontrol.exe ) a través de un salto de línea (
) en los campos ID de muchos comandos "batch begin untethered"
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-04-12 First Exploit
- 2012-04-19 CVE Reserved
- 2012-05-11 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://aluigi.org/adv/irm_1-adv.txt | X_refsource_misc | |
| http://secunia.com/advisories/48690 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/522682 | Mailing List | |
| http://www.securityfocus.com/bid/53475 | Vdb Entry | |
| http://www.securitytracker.com/id?1027058 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/75554 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/18734 | 2012-04-12 | |
| http://www.exploit-db.com/exploits/18734 | 2024-08-06 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Emc Search vendor "Emc" | Documentum Information Rights Management Search vendor "Emc" for product "Documentum Information Rights Management" | 4 Search vendor "Emc" for product "Documentum Information Rights Management" and version "4" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Documentum Information Rights Management Search vendor "Emc" for product "Documentum Information Rights Management" | 5 Search vendor "Emc" for product "Documentum Information Rights Management" and version "5" | - |
Affected
| ||||||