CVE-2011-1036 - The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component i

CVE-2011-1036

Summary

The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods.

References

Vulnerable Configurations

cpe:2.3:a:ca:host-based_intrusion_prevention_system:8.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:host-based_intrusion_prevention_system:8.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:internet_security_suite_2010:*:*:*:*:*:*:*:*
cpe:2.3:a:ca:internet_security_suite_2010:*:*:*:*:*:*:*:*
cpe:2.3:a:ca:internet_security_suite_2011:*:*:*:*:*:*:*:*
cpe:2.3:a:ca:internet_security_suite_2011:*:*:*:*:*:*:*:*

CVSS

Base:	8.8 (as of 09-10-2018 - 19:30)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:C/A:C

refmap via4

bid	46539
bugtraq	20110223 ZDI-11-093: CA Internet Security Suite HIPS XML Security Database Parser Class Remote Code Execution Vulnerability 20110225 CA20110223-01: Security Notice for CA Host-Based Intrusion Prevention System
confirm	https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}
misc	http://www.zerodayinitiative.com/advisories/ZDI-11-093
sectrack	1025120
secunia	43377 43490
sreason	8106
vupen	ADV-2011-0496
xf	ca-products-activex-file-overwrite(65632)

Last major update

09-10-2018 - 19:30

Published

25-02-2011 - 18:00

Last modified

09-10-2018 - 19:30