CA Host-Based Intrusion Prevention System 'XMLSecDB' ActiveX Control Code Execution Vulnerability

This host is installed with CA Host-Based Intrusion Prevention SystemHIPS and is prone to a remote code-execution vulnerability. OpenVAS Vulnerability Test $Id: gbcahipsactivexctrlcodeexecvuln.nasl 6517 2017-07-04 13:34:20Z cfischer $ CA Host-Based Intrusion Prevention System 'XMLSecDB' ActiveX...

CA Internet Security / CA Host-Based Intrusion Prevention System code execution

SetXml and Save methods of HIPSEngine component allows to save file to any location...

Design/Logic Flaw

The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System HIPS 8.1, as used in CA Internet Security Suite ISS 2010, allows remote attacker...

CVE-2011-1036

CVE-2011-1036 affects CA HIPS and CA ISS where the XMLSecDB ActiveX control (XMLSecDB in HIPSEngine) can be exploited via SetXml/Save to write an arbitrary file on a target host, enabling remote code execution. Affected: HIPS Management Server <8.1.0.88 and clients

CA Internet Security Suite HIPS XML Security Database Parser Class Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Internet Security Suite 2010. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the...