Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0656

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-0656
Last Modified 07 Mar 2011 10:05:03
Published 07 Feb 2008 04:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0656

Summary

Unrestricted file upload vulnerability in dmclTrace.jsp in EMC Documentum Administrator 5.3.0.313 and Webtop 5.3.0.317 allows remote attackers to overwrite arbitrary files via the filename attribute.

Vulnerable Systems

Application

  • Emc Documentum Administrator 4.2.8

  • Emc Documentum Administrator 5.2.5

  • Emc Documentum Administrator 5.2.5 Sp2

  • Emc Documentum Administrator 5.3.0.313

  • Emc Documentum Webtop 5.2.5

  • Emc Documentum Webtop 5.2.5 Sp2

  • Emc Documentum Webtop 5.3.0.317


References

VUPEN - ADV-2008-0439

SECTRACK - 1019305

BID - 27632

BUGTRAQ - 20080205 CYBSEC Security Advisory: Arbitrary file overwrite in Documentum Administrator / Documentum Webtop

MISC - http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_Documentum_dmclTrace_Arbitrary_file_overwrite.pdf

SECUNIA - 28810

SREASON - 3626


Last Updated: 27 May 2016 10:46:52