PT-2012-3916 · Emc · Emc Documentum Information Rights Management

Luigi Auriemma

Published

2012-05-14

Updated

2017-08-29

CVE-2012-2277

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions EMC Documentum Information Rights Management versions 4.x before 4.7.0100 EMC Documentum Information Rights Management versions 5.x before 5.0.1030

Description The issue allows remote attackers to cause a denial of service, specifically a process hang of pvcontrol.exe, by including line feed characters in the Id fields of many "batch begin untethered" commands.

Recommendations For versions 4.x before 4.7.0100, update to version 4.7.0100 or later to resolve the issue. For versions 5.x before 5.0.1030, update to version 5.0.1030 or later to resolve the issue.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2012-2277

Affected Products

Emc Documentum Information Rights Management

PT-2012-3916 · Emc · Emc Documentum Information Rights Management

CVE-2012-2277

Weakness Enumeration

Related Identifiers

Affected Products

References · 9