8.8

CVE-2011-1036

EPSS 5.06%
Published 25.02.2011 18:00:02
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods.

Affected products Warnungen 0 Metrics 2 CWE 0 References 14

Data is provided by the National Vulnerability Database (NVD)

Ca ≫ Host-based Intrusion Prevention System Version8.1

Ca ≫ Internet Security Suite 2010

Ca ≫ Internet Security Suite 2011

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	5.06%	0.887

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	8.6	9.2	AV:N/AC:M/Au:N/C:N/I:C/A:C

http://secunia.com/advisories/43377

http://secunia.com/advisories/43490

http://securityreason.com/securityalert/8106

http://www.securityfocus.com/archive/1/516649/100/0/threaded

http://www.securityfocus.com/archive/1/516687/100/0/threaded

http://www.securityfocus.com/bid/46539

http://www.securitytracker.com/id?1025120

http://www.vupen.com/english/advisories/2011/0496

http://www.zerodayinitiative.com/advisories/ZDI-11-093

https://exchange.xforce.ibmcloud.com/vulnerabilities/65632

https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4%7D

https://nvd.nist.gov/vuln/detail/CVE-2011-1036

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-1036

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-1036

EUVD