Vulnerability Details CVE-2008-0656
Unrestricted file upload vulnerability in dmclTrace.jsp in EMC Documentum Administrator 5.3.0.313 and Webtop 5.3.0.317 allows remote attackers to overwrite arbitrary files via the filename attribute.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.2%
CVSS Severity
CVSS v2 Score 10.0
References
- http://secunia.com/advisories/28810
- http://securityreason.com/securityalert/3626
- http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_Documentum_dmclTrace_Arbitrary_file_overwrite.pdf
- http://www.securityfocus.com/archive/1/487603/100/0/threaded
- http://www.securityfocus.com/bid/27632
- http://www.securitytracker.com/id?1019305
- http://www.vupen.com/english/advisories/2008/0439
- http://secunia.com/advisories/28810
- http://securityreason.com/securityalert/3626
- http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_Documentum_dmclTrace_Arbitrary_file_overwrite.pdf
- http://www.securityfocus.com/archive/1/487603/100/0/threaded
- http://www.securityfocus.com/bid/27632
- http://www.securitytracker.com/id?1019305
- http://www.vupen.com/english/advisories/2008/0439
Products affected by CVE-2008-0656
-
cpe:2.3:a:emc:documentum_administrator:4.2.8
-
cpe:2.3:a:emc:documentum_administrator:5.2.5
-
cpe:2.3:a:emc:documentum_administrator:5.2.5_sp2
-
cpe:2.3:a:emc:documentum_administrator:5.3.0.313
-
cpe:2.3:a:emc:documentum_webtop:5.2.5
-
cpe:2.3:a:emc:documentum_webtop:5.2.5_sp2
-
cpe:2.3:a:emc:documentum_webtop:5.3.0.317