4 matches found
CVE-2010-1223
CA XOsoft r12.0/r12.5 are affected by a stack/ buffer overflow in the Control Service, triggered by overly long data to /entry_point.aspx or malformed requests to ws_man/xosoapapi.asmx. The root cause is insufficient boundary checking when processing HTTP/SOAP inputs, enabling a remote attacker t...
CVE-2010-1221
CVE-2010-1221 affects CA XOsoft products (r12.0 and r12.5). The vulnerability arises from improper authentication, allowing unauthenticated remote SOAP requests to enumerate usernames (information disclosure with partial confidentiality impact). The NVD CVE entry notes a network attack vector wit...
CVE-2010-1222
CVE-2010-1222 affects CA XOsoft r12.5. The root cause is a lack of authentication, allowing unauthenticated SOAP requests to obtain potentially sensitive information (information disclosure). References indicate the issue affects XOsoft 12.5 products and CA issued patches (RO15016) for r12.5 prod...
CVE-2010-3984
CVE-2010-3984 is a buffer overflow flaw in CA XOsoft/ARCserve components (mng_core_com.dll) exploited via crafted create_session_bab SOAP requests to xosoapapi.asmx. Affected products include XOsoft Replication (r12.0 SP1, r12.5 SP2 rollups), XOsoft High Availability (r12.0 SP1, r12.5 SP2 rollups...