Category Archives: Security alert

ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability.

This week EMC published a new security advisory. This time the advisory is related to Documentum xPlore. Affected products: EMC Documentum xPlore 1.0 (all patch versions) EMC Documentum xPlore 1.1 (all patch versions prior to 1.1 P07) EMC Documentum xPlore … Continue reading

Posted in ECM, EMC, Enterprise Search, Security alert | Tagged | Leave a comment

ESA-2012-009 – Security Alert on EMC Documentum: security patch ready

Today I verified that the security issue reported on this site and on many security related sites like SecurityFocus affects even Content Server 5.3 in addition to many 6.x systems. I know the exploit and I think you have to upgrade or install patches if: … Continue reading

Posted in ECM, EMC, Frontpage, Security alert | Tagged , , , , , , , | Leave a comment

EMC published a Security Alert on EMC Documentum: affected all content server versions from the 5.3 to the 6.6

As reported yesterday, EMC published a security advisory related to a privilege elevation vulnerability that I discovered some months ago. The security advisory ESA-2012-009: EMC Documentum Content Server privilege elevation vulnerability does not explain the vulnerability in great detail. It is reported that … Continue reading

Posted in ECM, EMC, Frontpage, Security alert | Tagged , , , | Leave a comment

EMC Security Advisory on EMC Documentum 6.0, 6.5, 6.6

Today EMC will be publishing a security advisory related to a privilege elevation vulnerability that I discovered some months ago. I am particularly proud of my research because what discovered is the first security alert on EMC Documentum systems in, at least, … Continue reading

Posted in ECM, EMC, Events, Frontpage, Security alert | Tagged , , , | Leave a comment

WordPress 3.3.1 available

WordPress 3.3.1 is now available. This maintenance release fixes 15 issues with WordPress 3.3, as well as a fix for a cross-site scripting vulnerability that affected version 3.3.

Posted in Events, Frontpage, Open Source, Security alert, WCM | Tagged | Leave a comment

TYPO3 4.6.2 and 4.5.9 released (security fixes included)

The TYPO3 Core Team announces versions 4.6.2 and 4.5.9 of the TYPO3 Enterprise Content Management System. All versions are maintenance releases and contain bug and security fixes. IMPORTANT: These versions include important security fixes to the TYPO3 core. A security … Continue reading

Posted in ECM, Open Source, Others, Press Releases, Security alert | Tagged | Leave a comment

Digital Defense Identifies KnowledgeTree™ Login Page Vulnerability

Digital Defense, Inc. (DDI), a leading provider of managed cloud-based security assessments, announced the organization’s discovery of a vulnerability within the KnowledgeTree login page which could allow an attacker to exploit this flaw to extract sensitive information. This security issue … Continue reading

Posted in ECM, Frontpage, Open Source, Others, Press Releases, Security alert | Tagged , , | Leave a comment

The TYPO3 security team has identified a critical security issue in the TYPO3 v4 Core

The TYPO3 security team has identified a critical security issue in the TYPO3 v4 Core. The following branches are affected by the vulnerability: * TYPO3 4.5 * TYPO3 4.6 TYPO3 releases containing a security fix will be published tomorrow, Friday … Continue reading

Posted in ECM, Open Source, Security alert | Tagged | Leave a comment

What’s new in Documentum Content Server 6.7 Sp1 (and xPlore)

1) Thesaurus support xPlore 1.2 (released with Documentum 6.7 Sp1) now support thesaurus. Administrators can import a thesaurus in SKOS format in the xPlore Administrator. As defined by Wikipedia, Simple Knowledge Organization System (SKOS) is a family of formal languages designed for representation … Continue reading

Posted in ECM, EMC, Frontpage, Security alert, Uncategorized | Leave a comment

eRoom 7.3 and later – arbitrary file upload vulnerability

Are you still using glorious EMC eRoom? Your system could need a little upgrade. This week the EMC Product Security Response Center published a bulletin related to an eRoom vulnerability. More info below: ESA-2011-032: EMC Documentum eRoom arbitrary file upload … Continue reading

Posted in Frontpage, Security alert, Uncategorized | Tagged , , , , | Leave a comment