Unrestricted file upload vulnerability in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before P25; Documentum Web Publishers 6.5 SP7 before P25; and Documentum Task Space 6.7SP1 before P31 and 6.7SP2 before P23 allows remote authenticated users to execute arbitrary code by uploading a file to the backend Content Server.
References
Link | Resource |
---|---|
http://seclists.org/bugtraq/2015/Jul/9 | Mailing List Third Party Advisory |
http://www.securitytracker.com/id/1032770 | Third Party Advisory VDB Entry |
http://seclists.org/bugtraq/2015/Jul/9 | Mailing List Third Party Advisory |
http://www.securitytracker.com/id/1032770 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:31
Type | Values Removed | Values Added |
---|---|---|
References | () http://seclists.org/bugtraq/2015/Jul/9 - Mailing List, Third Party Advisory | |
References | () http://www.securitytracker.com/id/1032770 - Third Party Advisory, VDB Entry |
Information
Published : 2015-07-04 14:59
Updated : 2024-11-21 02:31
NVD link : CVE-2015-4524
Mitre link : CVE-2015-4524
CVE.ORG link : CVE-2015-4524
JSON object : View
Products Affected
emc
- documentum_administrator
- documentum_taskspace
- documentum_web_publisher
- documentum_webtop
- documentum_digital_asset_manager
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type