Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2011-1036
HistoryFeb 25, 2011 - 6:00 p.m.

Design/Logic Flaw

2011-02-2518:00:00
PRIOn knowledge base
www.prio-n.com
4

7.3 High

AI Score

Confidence

Low

8.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:C/A:C

0.91 High

EPSS

Percentile

98.8%

JSON

The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods.

Related

securityvulns 3
zdi 1
cvelist 1
openvas 2
checkpoint_advisories 1
cve 1
securityvulns
securityvulns
CA Internet Security / CA Host-Based Intrusion Prevention System code execution
2011-02-28 00:00:00
CA20110223-01: Security Notice for CA Host-Based Intrusion Prevention System
2011-02-28 00:00:00
ZDI-11-093: CA Internet Security Suite HIPS XML Security Database Parser Class Remote Code Execution Vulnerability
2011-02-24 00:00:00
zdi
zdi
CA Internet Security Suite HIPS XML Security Database Parser Class Remote Code Execution Vulnerability
2011-02-23 00:00:00
cvelist
cvelist
CVE-2011-1036
2011-02-25 17:00:00
openvas
openvas
CA Host-Based Intrusion Prevention System 'XMLSecDB' ActiveX Control Code Execution Vulnerability
2011-03-10 00:00:00
CA Host-Based Intrusion Prevention System 'XMLSecDB' ActiveX Control Code Execution Vulnerability
2011-03-10 00:00:00
checkpoint_advisories
checkpoint_advisories
CA Internet Security Suite XMLSecDB ActiveX Insecure File Creation (CVE-2011-1036)
2011-05-16 00:00:00
cve
cve
CVE-2011-1036
2011-02-25 18:00:00

7.3 High

AI Score

Confidence

Low

8.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:C/A:C

0.91 High

EPSS

Percentile

98.8%

JSON
Related for PRION:CVE-2011-1036
securityvulns3zdi1cvelist1openvas2checkpoint_advisories1cve1