Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-5096

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-5096
Last Modified 17 Jul 2012 12:00:00
Published 03 Jul 2012 05:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-5096

Summary

Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) 1.x before 1.0.2 and 2.0 before Patch Bundle 10 allows remote attackers to execute arbitrary code via a crafted cs_anams parameter in a CONTENT_STORE_ADMIN_REQ packet.

Vulnerable Systems

Application

  • Avaya Aura Application Server 5300 1.0

  • Avaya Aura Application Server 5300 2.0


References

CONFIRM - https://downloads.avaya.com/css/P8/documents/100146108

MISC - http://zerodayinitiative.com/advisories/ZDI-11-260/


Last Updated: 27 May 2016 10:56:36