CVE-2011-2475

Published: Jun 9, 2011Modified: Apr 29, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Format string vulnerability in ECTrace.dll in the iMailGateway service in the Internet Mail Gateway in OneBridge Server and DMZ Proxy in Sybase OneBridge Mobile Data Suite 5.5 and 5.6 allows remote attackers to execute arbitrary code via format string specifiers in unspecified string fields, related to authentication logging.

Affected (2)

Products: Sybase: Onebridge Mobile Data Suite

1 product

Onebridge Mobile Data Suite

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Sybase Onebridge Mobile Data Suite	Version 5.5
Sybase Onebridge Mobile Data Suite	Version 5.6

Related CWEs

Use of Externally-Controlled Format String

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

References (4)

http://www.sybase.com/detail?id=1092074

Source: cve@mitre.org

Vendor Advisory

http://zerodayinitiative.com/advisories/ZDI-11-171/

Source: cve@mitre.org

http://www.sybase.com/detail?id=1092074

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://zerodayinitiative.com/advisories/ZDI-11-171/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.