Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 25/02/2011 Updated: 07/11/2023

CVSS v2 Base Score: 8.8 | Impact Score: 9.2 | Exploitability Score: 8.6

VMScore: 783

Vector: AV:N/AC:M/Au:N/C:N/I:C/A:C

The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server prior to 8.1.0.88, and the client prior to 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote malicious users to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ca host-based_intrusion_prevention_system 8.1
ca internet_security_suite_2010
ca internet_security_suite_2011

NVD-CWE-Other http://www.zerodayinitiative.com/advisories/ZDI-11-093 http://www.securitytracker.com/id?1025120 http://secunia.com/advisories/43377 http://secunia.com/advisories/43490 http://www.vupen.com/english/advisories/2011/0496 http://www.securityfocus.com/bid/46539 http://securityreason.com/securityalert/8106 https://exchange.xforce.ibmcloud.com/vulnerabilities/65632 http://www.securityfocus.com/archive/1/516687/100/0/threaded http://www.securityfocus.com/archive/1/516649/100/0/threaded https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4%7D https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-1036

Vulnerability Summary

References

Vulmon Search

About

Products

Connect