Vulnerability Details CVE-2012-2276
The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via input data that (1) lacks FIPS fields or (2) has an invalid version number.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.165
EPSS Ranking 94.7%
CVSS Severity
CVSS v2 Score 7.8
References
- http://aluigi.org/adv/irm_1-adv.txt
- http://secunia.com/advisories/48690
- http://www.exploit-db.com/exploits/18734
- http://www.securityfocus.com/archive/1/522682
- http://www.securityfocus.com/bid/53475
- http://www.securitytracker.com/id?1027058
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75553
- http://aluigi.org/adv/irm_1-adv.txt
- http://secunia.com/advisories/48690
- http://www.exploit-db.com/exploits/18734
- http://www.securityfocus.com/archive/1/522682
- http://www.securityfocus.com/bid/53475
- http://www.securitytracker.com/id?1027058
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75553
Products affected by CVE-2012-2276
-
cpe:2.3:a:emc:documentum_information_rights_management:4
-
cpe:2.3:a:emc:documentum_information_rights_management:5