EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07, when Oracle Database is used, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attacks and read sensitive database content via a crafted request.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: dell
Published: 2014-08-20T10:00:00
Updated: 2017-08-28T12:57:01
Reserved: 2014-03-14T00:00:00
Link: CVE-2014-2520
JSON object: View
NVD Information
Status : Modified
Published: 2014-08-20T11:17:13.953
Modified: 2017-08-29T01:34:31.437
Link: CVE-2014-2520
JSON object: View
Redhat Information
No data.
CWE