Vulnerabilities > EMC
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-05-10 | CVE-2013-0946 | Buffer Errors vulnerability in EMC Alphastor 4.0 Buffer overflow in the Library Control Program (LCP) in EMC AlphaStor 4.0 before build 910 allows remote attackers to execute arbitrary code via crafted commands. | 9.3 |
2013-05-10 | CVE-2013-0939 | Improper Input Validation vulnerability in EMC products EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allow remote attackers to obtain sensitive information via vectors involving cross-origin frame navigation, related to a "Cross Frame Scripting" issue. | 5.8 |
2013-05-10 | CVE-2013-0938 | Cross-Site Scripting vulnerability in EMC products Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2013-05-10 | CVE-2013-0937 | Improper Authentication vulnerability in EMC products Session fixation vulnerability in EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allows remote attackers to hijack web sessions via unspecified vectors. | 5.8 |
2013-05-07 | CVE-2013-0934 | Permissions, Privileges, and Access Controls vulnerability in EMC RSA Archer Egrc and RSA Archer Smartsuite EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authenticated users to bypass intended access restrictions and modify global reports via unspecified vectors. | 4.0 |
2013-05-07 | CVE-2013-0933 | Cross-Site Scripting vulnerability in EMC RSA Archer Egrc and RSA Archer Smartsuite Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2013-05-07 | CVE-2013-0932 | Permissions, Privileges, and Access Controls vulnerability in EMC RSA Archer Egrc and RSA Archer Smartsuite EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authenticated users to bypass intended access restrictions and upload arbitrary files via unspecified vectors. | 4.0 |
2013-05-03 | CVE-2013-0945 | Improper Input Validation vulnerability in EMC Avamar EMC Avamar Client before 6.1.101-89 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 9.3 |
2013-05-03 | CVE-2013-0944 | Information Exposure vulnerability in EMC Avamar The web-based file-restore interface in EMC Avamar Server before 6.1.0 allows remote authenticated users to read arbitrary files via a crafted URL. | 3.5 |
2013-05-03 | CVE-2013-0940 | Permissions, Privileges, and Access Controls vulnerability in EMC Networker The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. | 7.2 |