当前位置: 首页 > 服务与支持 > 产品升级公告 > 安全漏洞公告

服务与支持Support

漏洞名称:EMC Documentum WebTop客户端产品跨站脚本漏洞

     发表日期:2015-07-06 10:12:38

漏洞名称:EMC Documentum WebTop客户端产品跨站脚本漏洞(CVE-2015-0551)
CVE ID:CVE-2015-0551
受影响系统:
EMC Documentum Webtop 6.8
EMC Documentum Webtop 6.7SP2
EMC Documentum Webtop 6.7SP1
详细信息:
 
EMC Documentum WebTop是基于浏览器的接口,提供对EMC Documentum库及企业内容管理服务的访问。
 
 
 
EMC Documentum WebTop客户端产品存在多个跨站脚本漏洞,攻击者利用这些漏洞可注入任意HTML代码或脚本。
 
 
漏洞来源:
EMC
解决方案:
厂商补丁:
 
EMC
---
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
 
 
 
EMC Documentum WebTop 
 
 
 
6.7SP1 - https://emc.subscribenet.com/control/dctm/download?element=3887191
 
 
 
6.7SP2 - https://emc.subscribenet.com/control/dctm/download?element=4544381
 
 
 
6.8 - https://emc.subscribenet.com/control/dctm/download?element=5950091
 
 
 
EMC Documentum Capital Projects 
 
 
 
1.8 - https://emc.subscribenet.com/control/dctm/download?element=4928521
 
 
 
1.9 - https://emc.subscribenet.com/control/dctm/download?element=5350311
 
 
 
EMC Documentum Administrator 
 
 
 
6.7SP1 - https://emc.subscribenet.com/control/dctm/download?element=3887141
 
 
 
6.7SP2 - https://emc.subscribenet.com/control/dctm/download?element=4541681
 
 
 
7.0 - https://emc.subscribenet.com/control/dctm/download?element=4787271
 
 
 
7.1 - https://emc.subscribenet.com/control/dctm/download?element=5096401
 
 
 
7.2 - https://emc.subscribenet.com/control/dctm/download?element=6091351
 
 
 
EMC Documentum Digital Assets Manager, v6.5SP6P25或更高版本
 
 
 
https://emc.subscribenet.com/control/dctm/download?element=4772311
 
 
 
EMC Documentum Web Publishers, v6.5SP7P25或更高版本
 
https://emc.subscribenet.com/control/dctm/download?element=4772271
 
 
 
EMC Documentum Task Space 
 
 
 
6.7SP1  https://emc.subscribenet.com/control/dctm/download?element=3887341
 
 
 
6.7SP2  https://emc.subscribenet.com/control/dctm/download?element=4544451