Vulnerabilities > EMC > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-12-10 | CVE-2008-5419 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in EMC Control Center 5.2/6.0 Stack-based buffer overflow in SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center 5.2 SP5 and 6.0 allows remote attackers to execute arbitrary code via multiple SST_CTGTRANS requests. | 10.0 |
| 2008-04-14 | CVE-2008-0963 | USE of Externally-Controlled Format String vulnerability in EMC Diskxtender 6.20.060 Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted message to the RPC interface. | 9.0 |
| 2008-04-14 | CVE-2008-0962 | Buffer Errors vulnerability in EMC Diskxtender 6.20.060 Stack-based buffer overflow in the File System Manager for EMC DiskXtender 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted request to the RPC interface. | 9.0 |
| 2008-04-14 | CVE-2008-0961 | Use of Hard-coded Credentials vulnerability in EMC Diskxtender 6.20.060 EMV DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to bypass authentication via the RPC interface. | 9.8 |
| 2008-02-07 | CVE-2008-0656 | Improper Input Validation vulnerability in EMC Documentum Administrator and Documentum Webtop Unrestricted file upload vulnerability in dmclTrace.jsp in EMC Documentum Administrator 5.3.0.313 and Webtop 5.3.0.317 allows remote attackers to overwrite arbitrary files via the filename attribute. | 10.0 |
| 2007-10-11 | CVE-2007-5323 | Buffer Errors vulnerability in EMC Replistor 6.1.3 The RepliStor Server Service in EMC Replistor 6.1.3 allows remote attackers to execute arbitrary code via a size value that causes RepliStor to create a smaller buffer than expected, which triggers a buffer overflow when that buffer is used in a recv function call. | 10.0 |
| 2007-08-21 | CVE-2007-3618 | Remote Exec Service Stack Buffer Overflow vulnerability in EMC Legato Networker Stack-based buffer overflow in the NetWorker Remote Exec Service (nsrexecd.exe) in EMC Software NetWorker 7.x.x allows remote attackers to execute arbitrary code via a (1) poll or (2) kill request with a "long invalid subcmd." | 9.3 |
| 2007-08-03 | CVE-2007-4155 | Remote Code Execution vulnerability in EMC VMWare 6.0.0 Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first two arguments to the (1) CreateProcess or (2) CreateProcessEx method. | 9.3 |
| 2007-04-30 | CVE-2006-7201 | Remote Security vulnerability in Rsa Security Sitekey EMC RSA Security SiteKey does not set the secure qualifier on the SiteKey Flash token (aka the PassMark Flash shared object), which might allow remote attackers to obtain the token via HTTP. | 9.3 |
| 2007-04-30 | CVE-2006-7200 | Security Bypass vulnerability in Rsa Security Sitekey EMC RSA Security SiteKey issues challenge-bypass tokens that persist forever without a cancellation interface for end users, which makes it easier for attackers to bypass one stage of authentication by stealing and replaying a token. | 9.0 |