CVE-2012-2277

EMC Documentum Information Rights Management 4.x-5.x - Denial of Service via Newline in Batch Begin Untethered Command

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-2277. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary The document describes multiple vulnerabilities in EMC IRM License Server, including NULL pointer dereferences and process freezing due to malformed commands. It provides an analysis of the bugs but does not include actual exploit code.

Description

The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (pvcontrol.exe process hang) via \n (line feed) characters in the Id fields of many "batch begin untethered" commands.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Luigi Auriemma · textdoshardware

https://www.exploit-db.com/exploits/18734

View Code ZIP pw:eip

The document describes multiple vulnerabilities in EMC IRM License Server, including NULL pointer dereferences and process freezing due to malformed commands. It provides an analysis of the bugs but does not include actual exploit code.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Theoretical

Target: EMC IRM License Server <= 4.6.1.1995

No auth needed

Prerequisites: Network access to the target server

MITRE ATT&CK