CVE-2008-3685

Name of the Vulnerable Software and Affected Versions EMC Documentum ApplicationXtender Workflow versions prior to 5.40 SP1

Description The issue allows remote attackers to upload arbitrary files and execute arbitrary code via directory traversal sequences in requests to TCP port 2606. This is due to a directory traversal vulnerability in the aws tmxn.exe component of the Admin Agent service.

Recommendations For versions prior to 5.40 SP1, update to a version that includes the fix for this issue to prevent remote attackers from uploading arbitrary files and executing arbitrary code.