CVE-2012-2276

EMC Documentum Information Rights Management - Denial of Service via Invalid FIPS Fields or Version Number

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-2276. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary The document describes multiple vulnerabilities in EMC IRM License Server, including NULL pointer dereferences and process freezing due to malformed commands. It provides an analysis of the bugs but does not include actual exploit code.

Description

The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via input data that (1) lacks FIPS fields or (2) has an invalid version number.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Luigi Auriemma · textdoshardware

https://www.exploit-db.com/exploits/18734

View Code ZIP pw:eip

The document describes multiple vulnerabilities in EMC IRM License Server, including NULL pointer dereferences and process freezing due to malformed commands. It provides an analysis of the bugs but does not include actual exploit code.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Theoretical

Target: EMC IRM License Server <= 4.6.1.1995

No auth needed

Prerequisites: Network access to the target server

MITRE ATT&CK