RSS   Podatności dla
'Documentum digital asset manager'
   RSS

2015-08-20
 
CVE-2015-4530

 

 
Cross-site request forgery (CSRF) vulnerability in EMC Documentum WebTop before 6.8P01, Documentum Administrator through 7.2, Documentum Digital Assets Manager through 6.5SP6, Documentum Web Publishers through 6.5SP7, and Documentum Task Space through 6.7SP2 allows remote attackers to hijack the authentication of arbitrary users. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2518.

 
2015-07-16
 
CVE-2015-4529

 

 
Open redirect vulnerability in EMC Documentum WebTop before 6.8P02, Documentum Administrator before 7.2P01, Documentum Digital Assets Manager through 6.5SP6, Documentum Web Publishers through 6.5SP7, and Documentum Task Space through 6.7SP2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.

 
2015-07-04
 
CVE-2015-4524

 

 
Unrestricted file upload vulnerability in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before P25; Documentum Web Publishers 6.5 SP7 before P25; and Documentum Task Space 6.7SP1 before P31 and 6.7SP2 before P23 allows remote authenticated users to execute arbitrary code by uploading a file to the backend Content Server.

 
 
CVE-2015-0551

 

 
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before P25; Documentum Web Publishers 6.5 SP7 before P25; and Documentum Task Space 6.7SP1 before P31 and 6.7SP2 before P23 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

 
2014-06-05
 
CVE-2014-2503

CWE-20
 

 
The thumbnail proxy server in EMC Documentum Digital Asset Manager (DAM) 6.5 SP3, 6.5 SP4, 6.5 SP5, and 6.5 SP6 before P13 allows remote attackers to conduct Documentum Query Language (DQL) injection attacks and bypass intended restrictions on querying objects via a crafted parameter in a query string.

 
2013-11-06
 
CVE-2013-3281

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop before 6.7 SP2 P07, Documentum WDK before 6.7 SP2 P07, Documentum Taskspace before 6.7 SP2 P07, Documentum Records Manager before 6.7 SP2 P07, Documentum Web Publisher before 6.5 SP7, Documentum Digital Asset Manager before 6.5 SP6, Documentum Administrator before 6.7 SP2 P07, and Documentum Capital Projects before 1.8 P01 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter in a URL.

 

 >>> Vendor: EMC 177 Produkty
Networker
Retrospect client
Legato networker
Eroom
Navisphere manager
Retrospect
Rsa security sitekey
Data domain os
Vmware
Vmware server
Replistor
Vmware player
Documentum administrator
Documentum webtop
Diskxtender
Alphastor
Dantz retrospect backup server
Centera universal access
Documentum applicationxtender
Documentum applicationxtender workflow manager
Control center
Networker client
Networker module
Networker powersnap
Networker server
Networker storage node
Autostart
Captiva pixtools distributed imaging
Homebase server
Rsa key manager client
Avamar
Disk library
Celerra network attached storage
Replication manager
Data protection advisor collector
Rsa adaptive authentication on-premise
Data loss prevention enterprise manager
Sourceone email management
Documentum eroom
Data protection advisor
Captiva einput
Ionix acm
Ionix asam
Ionix ip
Rsa key manager appliance
Documentum content server
Documentum xplore
Documentum information rights management
Documentum applicationxtender desktop
Captiva quickscan pro
Celerra network server
VNX
VNXE
Lifeline
Applicationxtender desktop
Applicationxtender web access .net
Cloud tiering appliance virtual edition
Cloud tiering appliance
Rsa authentication agent
Rsa authentication client
Networker module for microsoft applications
Rsa data protection manager software server
Rsa data protection manager appliance
It operations intelligence
Rsa netwitness informer
Avamar plugin
Rsa archer egrc
Rsa archer smartsuite
Smarts network configuration manager
Smarts ip manager
Smarts mpls manager
Smarts network protocol manager
Smarts server manager
Smarts services assurance manager
Smarts voip availability manager
Documentum records manager
Documentum taskspace
Documentum wdk
Celerra control station
Vnx control station
Avamar server
Avamar server virtual edition
Geosynchrony
Vplex geo
Vplex local
Vplex metro
Atmos
Unisphere
Documentum capital projects
Documentum digital asset manager
Documentum web publisher
Document sciences xpression
Rsa netwitness nextgen
Rsa security analytics
Connectrix manager
Watch4net
Documentum foundation services
Rsa bsafe ssl-j
Rsa data loss prevention
Rsa bsafe
Zobacz wszystkie produkty dla producenta EMC


Copyright 2024, cxsecurity.com

 

Back to Top