Body Background
TrendAI™ Zero Day Initiative™ Logo

EMC Documentum eRoom Indexing Server OpenText HummingBird Connector Remote Code Execution Vulnerability

July 18th, 2011
ZDI-11-236 ZDI-CAN-1079

CVE ID

CVE-2011-1741

CVSS Score

10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Affected Vendors

EMC

Affected Products

Documentum eRoom

Vulnerability Details

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Documentum eRoom Indexing Server. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the bundled implementation of OpenText's HummingBird Connector. When parsing a particular packet received from a TCP connection, the application will attempt to copy part of the packet's contents into a buffer located on the stack. Due to not completely accommodating for the size of the data in the packet, the application will overwrite variables positioned after the buffer. This can lead to code execution under the context of the server.

Additional Details

EMC has issued an update to correct this vulnerability. More details can be found at:
http://www.securityfocus.com/archive/1/518897/30/0/threaded

Disclosure Timeline

  • 2011-01-21 - Vulnerability reported to vendor
  • 2011-07-18 - Coordinated public release of advisory

Credit

Stephen Fewer of Harmony Security (www.harmonysecurity.com)

Back to Advisories

Hero Background

Stand at the front line of proactive security

Trend ZDI connects the experts who discover, remediate, and defend.
Add your voice to the work that pushes attackers back.