exploitDog

CVE-2008-3685

Опубликовано: 22 окт. 2009

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

Directory traversal vulnerability in aws_tmxn.exe in the Admin Agent service in the server in EMC Documentum ApplicationXtender Workflow, possibly 5.40 SP1 and earlier, allows remote attackers to upload arbitrary files, and execute arbitrary code, via directory traversal sequences in requests to TCP port 2606.

Ссылки

http://secunia.com/advisories/37070
Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-08-095/
http://secunia.com/advisories/37070
Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-08-095/

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:emc:documentum_applicationxtender_workflow_manager:*:sp1:*:*:*:*:*:*

Версия до 5.40 (включая)

EPSS

Процентиль: 72%

0.00704

Низкий

10 Critical

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-g99p-ffv8-649c

github

почти 4 года назад

Directory traversal vulnerability in aws_tmxn.exe in the Admin Agent service in the server in EMC Documentum ApplicationXtender Workflow, possibly 5.40 SP1 and earlier, allows remote attackers to upload arbitrary files, and execute arbitrary code, via directory traversal sequences in requests to TCP port 2606.

EPSS

Процентиль: 72%

0.00704

Низкий

10 Critical

CVSS2

Дефекты

CWE-22