CVE-2012-2277

EMC Documentum Information Rights Management - Memory Corruption

Title source: rule

Description

The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (pvcontrol.exe process hang) via \n (line feed) characters in the Id fields of many "batch begin untethered" commands.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Luigi Auriemma · textdoshardware

https://www.exploit-db.com/exploits/18734

View Code ZIP pw:eip

References (7)

Core 7

Core References

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/522682

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/48690

Exploit, Third Party Advisory exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/18734

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/53475

Various Sources x_refsource_misc

http://aluigi.org/adv/irm_1-adv.txt

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1027058

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/75554

Scores

EPSS 0.1696

EPSS Percentile 95.0%

Details

CWE

CWE-119

Status published

Products (2)

emc/documentum_information_rights_management 4

emc/documentum_information_rights_management 5

Published May 14, 2012

Tracked Since Feb 18, 2026