Filtered by vendor Ca
Subscribe
Total
139 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-0758 | 1 Ca | 2 Etrust Secure Content Manager, Gateway Security | 2023-12-10 | 10.0 HIGH | N/A |
| The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted request to port 1882, involving an incorrect integer calculation and a heap-based buffer overflow. | |||||
| CVE-2011-2667 | 2 Broadcom, Ca | 2 Total Defense, Gateway Security | 2023-12-10 | 10.0 HIGH | N/A |
| Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Security 8.1 before 8.1.0.69 and CA Total Defense r12, does not properly parse URLs, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and daemon crash) via a malformed request. | |||||
| CVE-2010-1222 | 1 Ca | 3 Xosoft Content Distribution, Xosoft High Availability, Xosoft Replication | 2023-12-10 | 5.0 MEDIUM | N/A |
| CA XOsoft r12.5 does not properly perform authentication, which allows remote attackers to obtain potentially sensitive information via a SOAP request. | |||||
| CVE-2010-0640 | 1 Ca | 1 Ehealth Performance Manager | 2023-12-10 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in CA eHealth Performance Manager 6.0.x through 6.2.x, when malicious HTML detection is disabled, allows remote attackers to inject arbitrary web script or HTML via a crafted request. | |||||
| CVE-2011-1718 | 2 Broadcom, Ca | 2 Siteminder, Siteminder | 2023-12-10 | 4.3 MEDIUM | N/A |
| The Web Agents component in CA SiteMinder R6 before SP6 CR2 and R12 before SP3 CR2 does not properly handle multi-line headers, which allows remote authenticated users to conduct impersonation attacks and gain privileges via crafted data. | |||||
| CVE-2008-4119 | 2 Broadcom, Ca | 2 Service Desk, Cmdb | 2023-12-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CA Service Desk 11.2 and CMDB 11.0 through 11.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving "multiple web forms." | |||||
| CVE-2008-3175 | 2 Broadcom, Ca | 5 Brightstor Arcserve Backup, Desktop Management Suite, Arcserve Backup For Laptops And Desktops and 2 more | 2023-12-10 | 10.0 HIGH | N/A |
| Integer underflow in rxRPC.dll in the LGServer service in the server in CA ARCserve Backup for Laptops and Desktops 11.0 through 11.5 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted message that triggers a buffer overflow. | |||||
| CVE-2009-2740 | 1 Ca | 1 Host-based Intrusion Prevention System | 2023-12-10 | 5.0 MEDIUM | N/A |
| kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention System (HIPS) 8.1 allows remote attackers to cause a denial of service (system crash) via a malformed packet. | |||||
| CVE-2009-3587 | 3 Broadcom, Ca, Linux | 33 Anti-virus, Anti-virus For The Enterprise, Anti-virus Sdk and 30 more | 2023-12-10 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588. | |||||
| CVE-2008-4399 | 2 Broadcom, Ca | 5 Arcserve Backup, Business Protection Suite, Server Protection Suite and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation." | |||||
| CVE-2008-2242 | 2 Broadcom, Ca | 2 Brightstor Arcserve Backup, Brightstor Arcserve Backup | 2023-12-10 | 7.5 HIGH | N/A |
| Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function. | |||||
| CVE-2009-0042 | 2 Broadcom, Ca | 19 Anti-spyware, Anti-spyware For The Enterprise, Anti-virus and 16 more | 2023-12-10 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file. | |||||
| CVE-2008-2241 | 2 Broadcom, Ca | 4 Brightstor Arcserve Backup, Server Protection Suite, Brightstor Arcserve Backup and 1 more | 2023-12-10 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file. | |||||
| CVE-2009-4225 | 1 Ca | 1 Etrust Pestpatrole Ppctl.dll Activex | 2023-12-10 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the PestPatrol ActiveX control (ppctl.dll) 5.6.7.9 in CA eTrust PestPatrol allows remote attackers to execute arbitrary code via a long argument to the Initialize method. | |||||
| CVE-2008-2926 | 2 Broadcom, Ca | 5 Internet Security Suite, Host Based Intrusion Prevention System, Internet Security Suite 2008 and 2 more | 2023-12-10 | 7.2 HIGH | N/A |
| The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request. | |||||
| CVE-2007-4620 | 2 Broadcom, Ca | 4 Anti-virus For The Enterprise, Brightstor Arcserve Backup, Brightstor Arcserve Backup and 1 more | 2023-12-10 | 9.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Computer Associates (CA) Alert Notification Service (Alert.exe) 8.1.586.0, 8.0.450.0, and 7.1.758.0, as used in multiple CA products including Anti-Virus for the Enterprise 7.1 through r11.1 and Threat Manager for the Enterprise 8.1 and r8, allow remote authenticated users to execute arbitrary code via crafted RPC requests. | |||||
| CVE-2009-1761 | 1 Ca | 1 Arcserve Backup | 2023-12-10 | 5.0 MEDIUM | N/A |
| The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote attackers to cause a denial of service (crash) via (1) an invalid 0x13 message, which is not properly handled in the ASCORE module, or (2) a 0x3B message with invalid stub data that triggers an RPC marshalling error. | |||||
| CVE-2009-2026 | 1 Ca | 4 Advantage Data Transport, It Client Manager, Software Delivery and 1 more | 2023-12-10 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in a token searching function in the dtscore library in Data Transport Services in CA Software Delivery r11.2 C1, C2, C3, and SP4; Unicenter Software Delivery 4.0 C3; CA Advantage Data Transport 3.0 C1; and CA IT Client Manager r12 allows remote attackers to execute arbitrary code via crafted data. | |||||
| CVE-2008-5415 | 3 Broadcom, Ca, Microsoft | 3 Arcserve Backup, Arcserve Backup, Windows | 2023-12-10 | 10.0 HIGH | N/A |
| The LDBserver service in the server in CA ARCserve Backup 11.1 through 12.0 on Windows allows remote attackers to execute arbitrary code via a handle_t argument to an RPC endpoint in which the argument refers to an incompatible procedure. | |||||
| CVE-2009-4149 | 1 Ca | 1 Service Desk | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web interface in CA Service Desk 12.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter. | |||||