Showing 1 - 1 of 1

CVE-2014-2503

Status Candidate

Overview

The thumbnail proxy server in EMC Documentum Digital Asset Manager (DAM) 6.5 SP3, 6.5 SP4, 6.5 SP5, and 6.5 SP6 before P13 allows remote attackers to conduct Documentum Query Language (DQL) injection attacks and bypass intended restrictions on querying objects via a crafted parameter in a query string.

Related Files

EMC Documentum Digital Asset Manager Blind DQL Injection: Posted Jun 5, 2014; Site emc.com; EMC Documentum Digital Asset Manager (DAM) announces a security fix to address blind DQL (Documentum Query Language) injection vulnerability. The DAM thumbnail proxy server allows unauthenticated users to query objects using a vulnerable URL query string parameter. A malicious attacker can potentially conduct Blind DQL injection attacks using the vulnerable parameter to infer or modify the database contents. EMC Documentum Digital Asset Manager versions 6.5 SP3 through SP6 are affected.; tags | advisory; advisories | CVE-2014-2503; SHA-256 | 91095ede0e45fd5a70e325ef49ee1a0b47012f04bd0ecbd47837a21f92c3fdf2; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 163 files
Ubuntu 99 files
indoushka 62 files
Debian 22 files
nu11secur1ty 19 files
CraCkEr 8 files
Google Security Research 7 files
Gentoo 7 files
Apple 6 files
bluedragonsec 4 files

File Archives

Systems

AIX (428)
Apple (2,009)
BSD (374)
CentOS (57)
Cisco (1,925)
Debian (6,842)
Fedora (1,692)
FreeBSD (1,245)
Gentoo (4,329)
HPUX (879)
iOS (353)
iPhone (108)
IRIX (220)
Juniper (68)
Linux (46,811)
Mac OS X (687)
Mandriva (3,105)
NetBSD (256)
OpenBSD (485)
RedHat (13,916)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,938)
UNIX (9,313)
UnixWare (186)
Windows (6,588)
Other

CVE-2014-2503

Overview

Related Files

File Archive:

September 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems