CVE-2011-0496
published 2011-01-20CVE-2011-0496: Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace…
PriorityP353critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
4.55%
90.4th percentile
Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to install arbitrary web services and execute arbitrary code, related to a "design vulnerability."
Affected
32 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sybase | appeon_for_powerbuilder | — | — |
| sybase | appeon_for_powerbuilder | — | — |
| sybase | appeon_for_powerbuilder | — | — |
| sybase | appeon_for_powerbuilder | — | — |
| sybase | appeon_for_powerbuilder | — | — |
| sybase | appeon_for_powerbuilder | — | — |
| sybase | appeon_for_powerbuilder | — | — |
| sybase | appeon_for_powerbuilder | — | — |
| sybase | easerver | — | — |
| sybase | easerver | — | — |
| sybase | easerver | — | — |
| sybase | easerver | — | — |
| sybase | easerver | — | — |
| sybase | easerver | — | — |
| sybase | easerver | — | — |
| sybase | easerver | — | — |
| sybase | easerver | — | — |
| sybase | easerver | — | — |
| sybase | easerver | — | — |
| sybase | easerver | — | — |
| sybase | easerver | — | — |
| sybase | replication_server | — | — |
| sybase | sybase_workspace | — | — |
| sybase | sybase_workspace | — | — |
| sybase | sybase_workspace | — | — |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat6.9MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3h7f-5q54-4v2g: Unspecified vulnerability in Sybase EAServer 5
ghsa_unreviewed·2022-05-17
CVE-2011-0496 [HIGH] GHSA-3h7f-5q54-4v2g: Unspecified vulnerability in Sybase EAServer 5
Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to install arbitrary web services and execute arbitrary code, related to a "design vulnerability."
Red Hat
xen: insufficiencies in pv kernel image validation
vendor_redhat·2011-05-09·CVSS 6.9
CVE-2011-1583 [MEDIUM] xen: insufficiencies in pv kernel image validation
xen: insufficiencies in pv kernel image validation
Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields.
Statement: This issue did not affect the versions of the Xen package as shipped with Red Hat Enterprise Linux 4 and 6. This has been addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2011-0496.html.
Red Hat
xen: insufficiencies in pv kernel image validation
vendor_redhat·2011-05-09·CVSS 2.1
CVE-2011-3262 [LOW] xen: insufficiencies in pv kernel image validation
xen: insufficiencies in pv kernel image validation
tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service (management software infinite loop and management domain resource consumption) via unspecified vectors related to "Lack of error checking in the decompression loop."
Statement: This issue did not affect the versions of the Xen package as shipped with Red Hat Enterprise Linux 4 and 6. This has been addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2011-0496.html.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://osvdb.org/70428http://secunia.com/advisories/42904http://www.securityfocus.com/bid/45809http://www.sybase.com/detail?id=1091057http://www.vupen.com/english/advisories/2011/0125https://exchange.xforce.ibmcloud.com/vulnerabilities/64697http://osvdb.org/70428http://secunia.com/advisories/42904http://www.securityfocus.com/bid/45809http://www.sybase.com/detail?id=1091057http://www.vupen.com/english/advisories/2011/0125https://exchange.xforce.ibmcloud.com/vulnerabilities/64697
2011-01-20
Published