Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2475

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-2475
Last Modified 14 Jun 2011 12:00:00
Published 09 Jun 2011 05:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-2475

Summary

Format string vulnerability in ECTrace.dll in the iMailGateway service in the Internet Mail Gateway in OneBridge Server and DMZ Proxy in Sybase OneBridge Mobile Data Suite 5.5 and 5.6 allows remote attackers to execute arbitrary code via format string specifiers in unspecified string fields, related to authentication logging.

Vulnerable Systems

Application

  • Sybase Onebridge Mobile Data Suite 5.5

  • Sybase Onebridge Mobile Data Suite 5.6


References

MISC - http://zerodayinitiative.com/advisories/ZDI-11-171/

CONFIRM - http://www.sybase.com/detail?id=1092074


Last Updated: 27 May 2016 10:57:02