CVE-2011-2475

Sybase Onebridge Mobile Data Suite - Format String Vulnerability

Title source: rule

Description

Format string vulnerability in ECTrace.dll in the iMailGateway service in the Internet Mail Gateway in OneBridge Server and DMZ Proxy in Sybase OneBridge Mobile Data Suite 5.5 and 5.6 allows remote attackers to execute arbitrary code via format string specifiers in unspecified string fields, related to authentication logging.

References (2)

[Third Party Advisory] http://zerodayinitiative.com/advisories/ZDI-11-171/

[Vendor Advisory] http://www.sybase.com/detail?id=1092074

Scores

EPSS 0.0472

EPSS Percentile 89.4%

Details

CWE

CWE-134

Status published

Products (2)

sybase/onebridge_mobile_data_suite 5.5

sybase/onebridge_mobile_data_suite 5.6

Published Jun 09, 2011

Tracked Since Feb 18, 2026