Vulnerabilities > EMC
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-03-05 | CVE-2009-2754 | Numeric Errors vulnerability in multiple products Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow. | 10.0 |
2010-02-25 | CVE-2010-0620 | Path Traversal vulnerability in EMC Homebase Server 6.2/6.3 Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a .. | 9.3 |
2009-10-22 | CVE-2009-3744 | Remote Denial of Service vulnerability in EMC Replistor 6.3.1.3 rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote attackers to cause a denial of service via a crafted packet to TCP port 7144. | 5.0 |
2009-10-22 | CVE-2008-3685 | Path Traversal vulnerability in EMC Documentum Applicationxtender Workflow Manager Directory traversal vulnerability in aws_tmxn.exe in the Admin Agent service in the server in EMC Documentum ApplicationXtender Workflow, possibly 5.40 SP1 and earlier, allows remote attackers to upload arbitrary files, and execute arbitrary code, via directory traversal sequences in requests to TCP port 2606. | 10.0 |
2009-10-22 | CVE-2008-3684 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in EMC Documentum Applicationxtender Heap-based buffer overflow in aws_tmxn.exe in the Admin Agent service in the server in EMC Documentum ApplicationXtender Workflow, possibly 5.40 SP1 and earlier, allows remote attackers to execute arbitrary code via crafted packet data to TCP port 2606. | 10.0 |
2009-04-15 | CVE-2009-1119 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in EMC Replistor Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow. | 10.0 |
2009-04-06 | CVE-2008-4916 | Remote vulnerability in VMware Hosted Products VMSA-2009-0005 Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors. | 4.6 |
2009-02-20 | CVE-2008-6219 | Resource Management Errors vulnerability in EMC products nsrexecd.exe in multiple EMC Networker products including EMC NetWorker Server, Storage Node, and Client 7.3.x and 7.4, 7.4.1, 7.4.2, Client and Storage Node for Open VMS 7.3.2 ECO6 and earlier, Module for Microsoft Exchange 5.1 and earlier, Module for Microsoft Applications 2.0 and earlier, Module for Meditech 2.0 and earlier, and PowerSnap 2.4 SP1 and earlier does not properly control the allocation of memory, which allows remote attackers to cause a denial of service (memory exhaustion) via multiple crafted RPC requests. | 7.8 |
2009-01-27 | CVE-2009-0311 | Improper Input Validation vulnerability in EMC Autostart 5.3 The Backbone service (ftbackbone.exe) in EMC AutoStart before 5.3 SP2 allows remote attackers to execute arbitrary code via a packet with a crafted value that is dereferenced as a function pointer. | 10.0 |
2008-12-10 | CVE-2008-5420 | Information Exposure vulnerability in EMC Control Center 5.2/6.0 The SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center before 6.1 does not properly authenticate SST_SENDFILE requests, which allows remote attackers to read arbitrary files. | 7.8 |