• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Documentum Products 'dmclTrace.jsp' Arbitrary File Overwrite Vulnerability

Multiple Documentum products are prone to a vulnerability that could permit an attacker to overwrite arbitrary files because the software fails to verify user-supplied input.

A remote attacker can exploit this issue to overwrite arbitrary files on the victim's computer. This can allow the attacker to upload and execute arbitrary scripts in the context of the user running the affected application.

This issue affects the following:

Documentum Administrator 5.3.0.313
Documentum Webtop 5.3.0.317

Other Documentum applications and versions may also be affected.