CVE-2011-2739
Published: 2011-11-09
Priority P344 · high · 8.5 · CVSS 2.0
AV:N/AC:M/Au:S/C:C/I:C/A:C
EPSS: 2.69% (84.0th percentile)
The file-blocking feature in EMC Documentum eRoom 7.3.x and 7.4.x before 7.4.3.g does not properly restrict the uploading and opening of files with dangerous file types, which allows remote authenticated users to execute arbitrary code via an uploaded file.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| emc | documentum_eroom | — | — |
| emc | documentum_eroom | — | — |
| emc | documentum_eroom | — | — |
| emc | documentum_eroom | — | — |
CVSS provenance
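| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 8.5 | HIGH | AV:N/AC:M/Au:S/C:C/I:C/A:C |
| vendor_redhat | — | 5.0 | MEDIUM | — |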
GHSA
GHSA-93mp-77gf-xggq: The file-blocking feature in EMC Documentum eRoom 7
ghsa_unreviewed·2022-05-17
CVE-2011-2739 [HIGH] GHSA-93mp-77gf-xggq: The file-blocking feature in EMC Documentum eRoom 7
Red Hat
java: hash table collisions CPU usage DoS (oCERT-2011-003)
vendor_redhat·2011-12-28·CVSS 5.0
CVE-2012-2739 [MEDIUM] java: hash table collisions CPU usage DoS (oCERT-2011-003)
Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build 12 and 8 before build 39, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
Statement: This flaw affects various versions of Java as shipped with Red Hat products. A patch is available for Java 7 and Java 8, but not for previous versions of Java shipped with Red Hat products. Although no patch is available for previous versions of Java as shipped with Red Hat products, the impact of this flaw has been addressed in several components that utilize Java HashMap in such a way t
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2011-11-09