8.8

CVE-2011-1036

EPSS 5.06%
Veröffentlicht 25.02.2011 18:00:02
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 14

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ca ≫ Host-based Intrusion Prevention System Version8.1

Ca ≫ Internet Security Suite 2010

Ca ≫ Internet Security Suite 2011

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	5.06%	0.887

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	8.6	9.2	AV:N/AC:M/Au:N/C:N/I:C/A:C

http://secunia.com/advisories/43377

http://secunia.com/advisories/43490

http://securityreason.com/securityalert/8106

http://www.securityfocus.com/archive/1/516649/100/0/threaded

http://www.securityfocus.com/archive/1/516687/100/0/threaded

http://www.securityfocus.com/bid/46539

http://www.securitytracker.com/id?1025120

http://www.vupen.com/english/advisories/2011/0496

http://www.zerodayinitiative.com/advisories/ZDI-11-093

https://exchange.xforce.ibmcloud.com/vulnerabilities/65632

https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4%7D

https://nvd.nist.gov/vuln/detail/CVE-2011-1036

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-1036

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-1036

EUVD