Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
HTTP session poisoning in EMC Documentum WDK-based applications causes arbitrary code execution and privilege elevation
Jul 04 2016 06:22AM
Andrey B. Panfilov (andrew panfilov tel)
Product: Documentum WDK-based applications, all versions
Security impact: high
All EMC Documentum WDK-based applications (Taskspace, Webtop, Documentum Administrator,
EPFM) contain extremely dangerous web component â?? API Tester. The â??API Testerâ? component
wanâ??t designed with ...
[ more ]
Copyright 2010, SecurityFocus