Symantec Enterprise Vault / Oracle Outside In Multiple Vulnerabilities (SYM11-011)
Critical Nessus Plugin ID 56413
SynopsisAn archiving application installed on the remote host has multiple vulnerabilities.
DescriptionThe version of Symantec Enterprise Vault installed on the remote host uses a version of the Oracle Outside In libraries that contain multiple memory corruption vulnerabilities. A remote attacker could exploit these by sending an email with a malicious attachment, which could result in arbitrary code execution when it is processed for archiving.
SolutionApply the relevant hotfix referenced in SYM11-011.
Note that versions earlier than 8.0.5 must be upgraded to 8.0.5 before the hotfix can be applied.