NuytsTech Security

CVE-2011-0497

by ·

Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to read arbitrary files via "../" (dot dot forward-slash backslash) sequences in a crafted request.

Date published : 2011-01-20

http://www.securityfocus.com/bid/45809

http://www.sybase.com/detail?id=1091057

Tags: