CVE-2015-0550

Published: Jun 28, 2015Modified: May 6, 2026

8.5

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:P

Exploitability: 10.0 / Impact: 7.8

Source: NVD

Description

Directory traversal vulnerability in EMC Documentum Thumbnail Server 6.7SP1 before P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P01 allows remote attackers to bypass intended Content Server access restrictions via unspecified vectors.

Affected (5)

Products: Emc: Documentum Thumbnail Server

Emc

1 product

Documentum Thumbnail Server

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Emc Documentum Thumbnail Server	Version 6.7 sp1
Emc Documentum Thumbnail Server	Version 6.7 sp2
Emc Documentum Thumbnail Server	Version 7.0
Emc Documentum Thumbnail Server	Version 7.1
Emc Documentum Thumbnail Server	Version 7.2

Related CWEs

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References (4)

http://seclists.org/bugtraq/2015/Jun/114

Source: security_alert@emc.com

http://www.securitytracker.com/id/1032694

Source: security_alert@emc.com

http://seclists.org/bugtraq/2015/Jun/114

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1032694

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.