First published: Wed Aug 20 2014(Updated: )
EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07, when Oracle Database is used, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attacks and read sensitive database content via a crafted request.
Credit: security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
EMC Documentum Content Server | <=6.7 | |
EMC Documentum Content Server | =6.0 | |
EMC Documentum Content Server | =6.5 | |
EMC Documentum Content Server | =6.5-sp1 | |
EMC Documentum Content Server | =6.5-sp2 | |
EMC Documentum Content Server | =6.5-sp3 | |
EMC Documentum Content Server | =6.6 | |
EMC Documentum Content Server | =6.7 | |
EMC Documentum Content Server | =6.7-sp1 | |
EMC Documentum Content Server | =7.0 | |
EMC Documentum Content Server | =7.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.