var-201102-0367
Vulnerability from variot
The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the XMLSecDB ActiveX control which is installed with HIPSEngine component. SetXml and Save methods are implemented insecurely and can allow creation of an arbitrary file on the victim's system. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user. CA Host-Based Intrusion Prevention System(HIPS) is prone to a remote code-execution vulnerability. Failed exploits result in denial-of-service conditions. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: CA Host-Based Intrusion Prevention System "XMLSecDB.DIParser" ActiveX Control Vulnerability
SECUNIA ADVISORY ID: SA43377
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43377/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43377
RELEASE DATE: 2011-03-13
DISCUSS ADVISORY: http://secunia.com/advisories/43377/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43377/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43377
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been discovered in CA Host-Based Intrusion Prevention System, which can be exploited by malicious people to compromise a user's system. This can be exploited to create an arbitrary file using directory traversal specifiers and supply controlled content via the "SetXml()" method.
The vulnerability is confirmed in UmxXmlSd version 1.5.0.263 and reported in the following products: * HIPS Management Server versions prior to 8.1.0.88.
SOLUTION: Apply RO26950 and set registry values. Please see the vendor's advisory for more details.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Andrea Micalizzi aka rgod via ZDI
Additional details provided by Secunia Research.
ORIGINAL ADVISORY: CA (CA20110223-01): https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-093/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
CA20110223-01: Security Notice for CA Host-Based Intrusion Prevention System
Issued: February 23, 2011 Updated: February 24, 2011
CA Technologies support is alerting customers to a security risk associated with CA Host-Based Intrusion Prevention System (HIPS). CA Technologies has issued patches to address the vulnerability.
The vulnerability, CVE-2011-1036, is due to insecure method implementation in the XMLSecDB ActiveX control that is utilized in CA HIPS components and products.
HIPS client sources are vulnerable if the build number is less than 1.6.450.
Older versions of HIPS and ISS, that are no longer supported, may also be vulnerable.
Solution
CA has issued the following patches to address the vulnerability. You do not need to restart the client.
CA Internet Security Suite (ISS) 2010: Fix information will be published soon.
CA Internet Security Suite (ISS) 2011: Fix information will be published soon.
References
CVE-2011-1036 - CA HIPS XMLSecDB ActiveX control insecure methods
Acknowledgement
Andrea Micalizzi aka rgod, via TippingPoint ZDI
Change History
Version 1.0: Initial Release Version 1.5: Added ISS 2011 to list of affected products. Added instructions for determining if ISS is affected.
If additional information is required, please contact CA Technologies Support at https://support.ca.com.
If you discover a vulnerability in a CA Technologies product, please report your findings to the CA Technologies Product Vulnerability Response Team. support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782
Thanks and regards, Ken Williams, Director ca technologies Product Vulnerability Response Team ca technologies Business Unit Operations wilja22@ca.com
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.9.1 (Build 287) Charset: utf-8
wj8DBQFNZypeeSWR3+KUGYURAmbuAJ9tD5x666uOpX6ia6ksu4rdnksyggCfSwCn kb1ylRiLIRzRg3j1VygjImQ= =M+5z -----END PGP SIGNATURE----- . More details can be found at:
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}
-- Disclosure Timeline: 2010-08-25 - Vulnerability reported to vendor 2011-02-23 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Andrea Micalizzi aka rgod
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0367",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 2.4,
"vendor": "ca",
"version": "8.1"
},
{
"model": "internet security suite 2011",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "internet security suite 2010",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "internet security suite 2010",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite",
"scope": null,
"trust": 0.7,
"vendor": "ca",
"version": null
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2011"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2010"
},
{
"model": "associates host-based intrusion prevention system r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "BID",
"id": "46539"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
},
{
"db": "NVD",
"id": "CVE-2011-1036"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:host-based_intrusion_prevention_system",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:internet_security_suite_2010",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andrea Micalizzi aka rgod",
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "BID",
"id": "46539"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
}
],
"trust": 1.6
},
"cve": "CVE-2011-1036",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 8.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-1036",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-1036",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 8.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-48981",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-1036",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-1036",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2011-1036",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-367",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-48981",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "VULHUB",
"id": "VHN-48981"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
},
{
"db": "NVD",
"id": "CVE-2011-1036"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the XMLSecDB ActiveX control which is installed with HIPSEngine component. SetXml and Save methods are implemented insecurely and can allow creation of an arbitrary file on the victim\u0027s system. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user. CA Host-Based Intrusion Prevention System(HIPS) is prone to a remote code-execution vulnerability. Failed exploits result in denial-of-service conditions. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Host-Based Intrusion Prevention System \"XMLSecDB.DIParser\" ActiveX\nControl Vulnerability\n\nSECUNIA ADVISORY ID:\nSA43377\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43377/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43377\n\nRELEASE DATE:\n2011-03-13\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43377/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43377/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43377\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been discovered in CA Host-Based Intrusion\nPrevention System, which can be exploited by malicious people to\ncompromise a user\u0027s system. This can be exploited to create an arbitrary file\nusing directory traversal specifiers and supply controlled content\nvia the \"SetXml()\" method. \n\nThe vulnerability is confirmed in UmxXmlSd version 1.5.0.263 and\nreported in the following products:\n* HIPS Management Server versions prior to 8.1.0.88. \n\nSOLUTION:\nApply RO26950 and set registry values. Please see the vendor\u0027s\nadvisory for more details. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nAndrea Micalizzi aka rgod via ZDI\n\nAdditional details provided by Secunia Research. \n\nORIGINAL ADVISORY:\nCA (CA20110223-01):\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-093/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCA20110223-01: Security Notice for CA Host-Based Intrusion Prevention \nSystem\n\nIssued: February 23, 2011\nUpdated: February 24, 2011\n\n\nCA Technologies support is alerting customers to a security risk \nassociated with CA Host-Based Intrusion Prevention System (HIPS). CA Technologies has issued patches to address the \nvulnerability. \n\nThe vulnerability, CVE-2011-1036, is due to insecure method \nimplementation in the XMLSecDB ActiveX control that is utilized in CA \nHIPS components and products. \n\nHIPS client sources are vulnerable if the build number is less than \n1.6.450. \n\nOlder versions of HIPS and ISS, that are no longer supported, may also \nbe vulnerable. \n\n\nSolution\n\nCA has issued the following patches to address the vulnerability. You \ndo not need to restart the client. \n\nCA Internet Security Suite (ISS) 2010:\nFix information will be published soon. \n\nCA Internet Security Suite (ISS) 2011:\nFix information will be published soon. \n\n\nReferences\n\nCVE-2011-1036 - CA HIPS XMLSecDB ActiveX control insecure methods\n\n\nAcknowledgement\n\nAndrea Micalizzi aka rgod, via TippingPoint ZDI\n\n\nChange History\n\nVersion 1.0: Initial Release\nVersion 1.5: Added ISS 2011 to list of affected products. Added \ninstructions for determining if ISS is affected. \n\n\nIf additional information is required, please contact CA Technologies \nSupport at https://support.ca.com. \n\nIf you discover a vulnerability in a CA Technologies product, please \nreport your findings to the CA Technologies Product Vulnerability \nResponse Team. \nsupport.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782\n\n\nThanks and regards,\nKen Williams, Director\nca technologies Product Vulnerability Response Team\nca technologies Business Unit Operations\nwilja22@ca.com\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.9.1 (Build 287)\nCharset: utf-8\n\nwj8DBQFNZypeeSWR3+KUGYURAmbuAJ9tD5x666uOpX6ia6ksu4rdnksyggCfSwCn\nkb1ylRiLIRzRg3j1VygjImQ=\n=M+5z\n-----END PGP SIGNATURE-----\n. More\ndetails can be found at:\n\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}\n\n-- Disclosure Timeline:\n2010-08-25 - Vulnerability reported to vendor\n2011-02-23 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Andrea Micalizzi aka rgod\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-1036"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "BID",
"id": "46539"
},
{
"db": "VULHUB",
"id": "VHN-48981"
},
{
"db": "PACKETSTORM",
"id": "99241"
},
{
"db": "PACKETSTORM",
"id": "98719"
},
{
"db": "PACKETSTORM",
"id": "99243"
},
{
"db": "PACKETSTORM",
"id": "98694"
}
],
"trust": 2.97
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48981",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48981"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-1036",
"trust": 3.7
},
{
"db": "ZDI",
"id": "ZDI-11-093",
"trust": 3.0
},
{
"db": "BID",
"id": "46539",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "43377",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "43490",
"trust": 1.3
},
{
"db": "SECTRACK",
"id": "1025120",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2011-0496",
"trust": 1.1
},
{
"db": "SREASON",
"id": "8106",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-882",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20110223 ZDI-11-093: CA INTERNET SECURITY SUITE HIPS XML SECURITY DATABASE PARSER CLASS REMOTE CODE EXECUTION VULNERABILITY",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "16511",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "98694",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "98719",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48981",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99241",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99243",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "VULHUB",
"id": "VHN-48981"
},
{
"db": "BID",
"id": "46539"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "PACKETSTORM",
"id": "99241"
},
{
"db": "PACKETSTORM",
"id": "98719"
},
{
"db": "PACKETSTORM",
"id": "99243"
},
{
"db": "PACKETSTORM",
"id": "98694"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
},
{
"db": "NVD",
"id": "CVE-2011-1036"
}
]
},
"id": "VAR-201102-0367",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48981"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:09:01.442000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CA20110208-01: Security Advisory for CA Secure Content Manager, Gateway Security",
"trust": 0.8,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4%7D"
},
{
"title": "CA has issued an update to correct this vulnerability.{53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}",
"trust": 0.7,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID="
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "NVD",
"id": "CVE-2011-1036"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-093"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/46539"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/516649/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/516687/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=%7b53a608df-bfdb-4ab3-a98f-e4bb6bc7a2f4%7d"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1025120"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43377"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43490"
},
{
"trust": 1.1,
"url": "http://securityreason.com/securityalert/8106"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0496"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65632"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1036"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1036"
},
{
"trust": 0.7,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid="
},
{
"trust": 0.6,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid={53a608df-bfdb-4ab3-a98f-e4bb6bc7a2f4}"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/516649/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/16511"
},
{
"trust": 0.5,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-093/"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1036"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43377/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43377/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43377"
},
{
"trust": 0.1,
"url": "https://support.ca.com."
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43490/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43490"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43490/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "VULHUB",
"id": "VHN-48981"
},
{
"db": "BID",
"id": "46539"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "PACKETSTORM",
"id": "99241"
},
{
"db": "PACKETSTORM",
"id": "98719"
},
{
"db": "PACKETSTORM",
"id": "99243"
},
{
"db": "PACKETSTORM",
"id": "98694"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
},
{
"db": "NVD",
"id": "CVE-2011-1036"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "VULHUB",
"id": "VHN-48981"
},
{
"db": "BID",
"id": "46539"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "PACKETSTORM",
"id": "99241"
},
{
"db": "PACKETSTORM",
"id": "98719"
},
{
"db": "PACKETSTORM",
"id": "99243"
},
{
"db": "PACKETSTORM",
"id": "98694"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
},
{
"db": "NVD",
"id": "CVE-2011-1036"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-23T00:00:00",
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"date": "2011-02-25T00:00:00",
"db": "VULHUB",
"id": "VHN-48981"
},
{
"date": "2011-02-23T00:00:00",
"db": "BID",
"id": "46539"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"date": "2011-03-14T11:36:59",
"db": "PACKETSTORM",
"id": "99241"
},
{
"date": "2011-02-25T04:53:57",
"db": "PACKETSTORM",
"id": "98719"
},
{
"date": "2011-03-14T11:37:04",
"db": "PACKETSTORM",
"id": "99243"
},
{
"date": "2011-02-24T01:23:59",
"db": "PACKETSTORM",
"id": "98694"
},
{
"date": "2011-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-367"
},
{
"date": "2011-02-25T18:00:02.167000",
"db": "NVD",
"id": "CVE-2011-1036"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-23T00:00:00",
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"date": "2018-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-48981"
},
{
"date": "2011-02-25T14:28:00",
"db": "BID",
"id": "46539"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"date": "2011-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-367"
},
{
"date": "2024-11-21T01:25:22.973000",
"db": "NVD",
"id": "CVE-2011-1036"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "98719"
},
{
"db": "PACKETSTORM",
"id": "98694"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA ISS Used in CA HIPS of XML Security Database Parser class Vulnerabilities in arbitrary programs being downloaded to client machines",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "design error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.