QwikSec

Security Database

CVE

CWE

Training

CVE-2011-0547

Published: Aug 19, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

Multiple integer overflows in vxsvc.exe in the Veritas Enterprise Administrator service in Symantec Veritas Storage Foundation 5.1 and earlier, Veritas Storage Foundation Cluster File System (SFCFS) 5.1 and earlier, Veritas Storage Foundation Cluster File System Enterprise for Oracle RAC (SFCFSORAC) 5.1 and earlier, Veritas Dynamic Multi-Pathing (DMP) 5.1, and NetBackup PureDisk 6.5.x through 6.6.1.x allow remote attackers to execute arbitrary code via (1) a crafted Unicode string, related to the vxveautil.value_binary_unpack function; (2) a crafted ASCII string, related to the vxveautil.value_binary_unpack function; or (3) a crafted value, related to the vxveautil.kv_binary_unpack function, leading to a buffer overflow.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://zerodayinitiative.com/advisories/ZDI-11-264/

x_refsource_MISC

vendor-advisory

x_refsource_HP

vendor-advisory

x_refsource_HP

oval:org.mitre.oval:def:14792

vdb-entry

signature

x_refsource_OVAL

http://zerodayinitiative.com/advisories/ZDI-11-263/

x_refsource_MISC

http://www.symantec.com/business/support/index?page=content&id=TECH165536

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110815_00

x_refsource_CONFIRM

http://zerodayinitiative.com/advisories/ZDI-11-262/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.