Zero Day Initiative Advisory 11-236 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Documentum eRoom Indexing Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the bundled implementation of OpenText's HummingBird Connector. When parsing a particular packet received from a TCP connection, the application will attempt to copy part of the packet's contents into a buffer located on the stack. Due to not completely accommodating for the size of the data in the packet, the application will overwrite variables positioned after the buffer. This can lead to code execution under the context of the server.
c09c6ff148b85fb34a65bbcf03cb521e5a5c98dd3368e7056c611cea99909e84
EMC Documentum eRoom's Indexing Server contains a buffer overflow vulnerability which can be exploited to cause a denial of service, or possibly, arbitrary code execution. 7.x versions are affected.
768d2cd711fccb9c0a1c4db644f63ab576e893b5eb7d182b45376275e8da7e33