CVE-2011-1036
CA Internet Security Suite HIPS XML Security Database Parser Class Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods.
La clase XML Security Database Parser en el control XMLSecDB ActiveX en el componente HIPSEngine en el Management Server anterior a v8.1.0.88, y el cliente anterior a v1.6.450, en CA Host-Based Intrusion Prevention System (HIPS) v8.1, que se utiliza en CA Internet Security Suite (ISS) de 2010, permite a atacantes remotos descargar un programa arbitrario en un equipo cliente, y ejecutar el mismo a través de vectores que comprenden los métodos SetXml y Save.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Internet Security Suite 2010. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The flaw exists within the XMLSecDB ActiveX control which is installed with HIPSEngine component. SetXml and Save methods are implemented insecurely and can allow creation of an arbitrary file on the victim's system. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2011-02-18 CVE Reserved
- 2011-02-23 CVE Published
- 2024-07-23 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/43377 | Third Party Advisory | |
| http://secunia.com/advisories/43490 | Third Party Advisory | |
| http://securityreason.com/securityalert/8106 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/516649/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/516687/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/46539 | Vdb Entry | |
| http://www.securitytracker.com/id?1025120 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2011/0496 | Vdb Entry | |
| http://www.zerodayinitiative.com/advisories/ZDI-11-093 | X_refsource_misc |
|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65632 | Vdb Entry | |
| https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4%7D | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ca Search vendor "Ca" | Host-based Intrusion Prevention System Search vendor "Ca" for product "Host-based Intrusion Prevention System" | 8.1 Search vendor "Ca" for product "Host-based Intrusion Prevention System" and version "8.1" | - |
Affected
| in | Ca Search vendor "Ca" | Internet Security Suite 2010 Search vendor "Ca" for product "Internet Security Suite 2010" | * | - |
Affected
|
| Ca Search vendor "Ca" | Host-based Intrusion Prevention System Search vendor "Ca" for product "Host-based Intrusion Prevention System" | 8.1 Search vendor "Ca" for product "Host-based Intrusion Prevention System" and version "8.1" | - |
Affected
| in | Ca Search vendor "Ca" | Internet Security Suite 2011 Search vendor "Ca" for product "Internet Security Suite 2011" | * | - |
Affected
|