PT-2012-3915 · Emc · Emc Documentum Information Rights Management

Luigi Auriemma

Published

2012-05-14

Updated

2017-08-29

CVE-2012-2276

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions EMC Documentum Information Rights Management versions 4.x before 4.7.0100 EMC Documentum Information Rights Management versions 5.x before 5.0.1030

Description The issue allows remote attackers to cause a denial of service, resulting in a daemon crash due to a NULL pointer dereference. This can be achieved by sending input data that either lacks FIPS fields or contains an invalid version number.

Recommendations For versions 4.x before 4.7.0100, update to version 4.7.0100 or later to resolve the issue. For versions 5.x before 5.0.1030, update to version 5.0.1030 or later to resolve the issue.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2012-2276

Affected Products

Emc Documentum Information Rights Management

PT-2012-3915 · Emc · Emc Documentum Information Rights Management

CVE-2012-2276

Weakness Enumeration

Related Identifiers

Affected Products

References · 9