-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ESA-2016-069: EMC Documentum WebTop and WebTop Clients Improper Authorization
Vulnerability
EMC Identifier: ESA-2016-069
CVE Identifier: CVE-2016-0914
Severity Rating: CVSS v3 Base Score: 5.0 (AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L)
Affected
Product: OX App Suite
Vendor: OX Software GmbH
Internal reference: 45328 (Bug ID)
Vulnerability type: Information Exposure (CWE-200)
Vulnerable version: 7.8.1 and earlier
Vulnerable component: frontend
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed version: 7.6.2-rev43,
Application: SAP NetWeaver AS JAVA
Versions Affected: SAP Application server for Java 7.2 - 7.4
Vendor URL: http://SAP.com
Bugs: denial of service
Sent:04.12.2015
Reported: 05.12.2015
Vendor response: 05.12.2015
Date of Public Advisory: 14.03.2016
Reference: SAP Security Note 2259547
(You can read all this information in more detail on
http://blog.skylined.nl)
Software components such as memory managers often use magic values to
mark memory as having a certain state. These magic values can be used
during debugging to determine the state of the memory, and have often
(but not
Application:SAP NetWeaver AS JAVA
Versions Affected: SAP NetWeaver AS JAVA 7.2 - 7.4
Vendor URL: http://SAP.com
Bugs: denial of service
Sent: 04.12.2015
Reported: 05.12.2015
Vendor response: 05.12.2015
Date of Public Advisory: 14.03.2016
Reference: SAP Security Note 2256185