CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5472
https://notcve.org/view.php?id=CVE-2007-5472
22 Oct 2007 — Cross-site scripting (XSS) vulnerability in the Server component in CA Host-Based Intrusion Prevention System (HIPS) before 8.0.0.93 allows remote attackers to inject arbitrary web script or HTML via requests that are written to logs for later display in the log viewer. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el componente Server de CA Host-Based Intrusion Prevention System (HIPS) versiones anteriores a 8.0.0.93 permite a atacantes remotos inyectar scripts web o HTML de su elecc... • http://osvdb.org/37998 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 3CVE-2006-6952 – Computer Associates Personal Firewall 9.0 - HIPS Driver 'kmxfw.sys' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2006-6952
24 Jan 2007 — Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers. Los controladores del Computer Associates Host Intrusion Prevention System (HIPS) (1) Core kmxstart.sys 6.5.4.31 y (2) Firewall kmxfw.sys 6.5.4.10 permite a usuarios locales la obtención de privilegios mediante el uso de ciertos IOCTLs confidenciales para modificar l... • https://www.exploit-db.com/exploits/29069 •