Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3685

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-3685
Last Modified 20 Nov 2009 12:00:00
Published 22 Oct 2009 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3685

Summary

Directory traversal vulnerability in aws_tmxn.exe in the Admin Agent service in the server in EMC Documentum ApplicationXtender Workflow, possibly 5.40 SP1 and earlier, allows remote attackers to upload arbitrary files, and execute arbitrary code, via directory traversal sequences in requests to TCP port 2606.

Vulnerable Systems

Application

  • Emc Documentum Applicationxtender Workflow Manager 5.40


References

MISC - http://www.zerodayinitiative.com/advisories/ZDI-08-095/

SECUNIA - 37070


Last Updated: 27 May 2016 10:48:16