Filtered by vendor Ca
Subscribe
Total
138 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-2193 | 1 Ca | 2 Psformx Active X Control, Webscan Active X Control | 2025-04-11 | 10.0 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the CA (1) PSFormX and (2) WebScan ActiveX controls, as distributed on the CA Global Advisor web site until May 2009, allow remote attackers to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2010-1222 | 1 Ca | 3 Xosoft Content Distribution, Xosoft High Availability, Xosoft Replication | 2025-04-11 | 5.0 MEDIUM | N/A |
|
CA XOsoft r12.5 does not properly perform authentication, which allows remote attackers to obtain potentially sensitive information via a SOAP request.
|
|||||
| CVE-2008-2926 | 2 Broadcom, Ca | 5 Internet Security Suite, Host Based Intrusion Prevention System, Internet Security Suite 2008 and 2 more | 2025-04-09 | 7.2 HIGH | N/A |
|
The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request.
|
|||||
| CVE-2008-2541 | 1 Ca | 1 Etrust Secure Content Manager | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple stack-based buffer overflows in the HTTP Gateway Service (icihttp.exe) in CA eTrust Secure Content Manager 8.0 allow remote attackers to execute arbitrary code or cause a denial of service via long FTP responses, related to (1) the file month field in a LIST command; (2) the PASV command; and (3) directories, files, and links in a LIST command.
|
|||||
| CVE-2007-3825 | 2 Broadcom, Ca | 8 Alert Notification Server, Brightstor Arcserve Backup, Brightstor Enterprise Backup and 5 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures.
|
|||||
| CVE-2008-4397 | 2 Broadcom, Ca | 5 Arcserve Backup, Business Protection Suite, Server Protection Suite and 2 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A.
|
|||||
| CVE-2009-2026 | 1 Ca | 4 Advantage Data Transport, It Client Manager, Software Delivery and 1 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in a token searching function in the dtscore library in Data Transport Services in CA Software Delivery r11.2 C1, C2, C3, and SP4; Unicenter Software Delivery 4.0 C3; CA Advantage Data Transport 3.0 C1; and CA IT Client Manager r12 allows remote attackers to execute arbitrary code via crafted data.
|
|||||
| CVE-2006-5143 | 2 Broadcom, Ca | 5 Brightstor Arcserve Backup, Brightstor Enterprise Backup, Business Protection Suite and 2 more | 2025-04-09 | 7.5 HIGH | N/A |
|
Multiple buffer overflows in CA BrightStor ARCserve Backup r11.5 SP1 and earlier, r11.1, and 9.01; BrightStor ARCserve Backup for Windows r11; BrightStor Enterprise Backup 10.5; Server Protection Suite r2; and Business Protection Suite r2 allow remote attackers to execute arbitrary code via crafted data on TCP port 6071 to the Backup Agent RPC Server (DBASVR.exe) using the RPC routines with opcode (1) 0x01, (2) 0x02, or (3) 0x18; invalid stub data on TCP port 6503 to the RPC routines with opcode ...
Show More |
|||||
| CVE-2007-5006 | 2 Broadcom, Ca | 3 Brightstor Arcserve Backup Laptops Desktops, Desktop Management Suite, Protection Suites | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple command handlers in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 do not verify if a peer is authenticated, which allows remote attackers to add and delete users, and start client restores.
|
|||||
| CVE-2009-2740 | 1 Ca | 1 Host-based Intrusion Prevention System | 2025-04-09 | 5.0 MEDIUM | N/A |
|
kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention System (HIPS) 8.1 allows remote attackers to cause a denial of service (system crash) via a malformed packet.
|
|||||
| CVE-2007-3302 | 2 Broadcom, Ca | 2 Etrust Intrusion Detection, Etrust Intrusion Detection | 2025-04-09 | 9.3 HIGH | N/A |
|
The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before 3.0.5.81, in CA (formerly Computer Associates) eTrust Intrusion Detection allows remote attackers to load arbitrary DLLs on a client system, and execute code from these DLLs, via unspecified "scriptable functions."
|
|||||
| CVE-2006-6952 | 1 Ca | 1 Host-based Intrusion Prevention System | 2025-04-09 | 7.2 HIGH | N/A |
|
Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers.
|
|||||
| CVE-2009-4225 | 1 Ca | 1 Etrust Pestpatrole Ppctl.dll Activex | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in the PestPatrol ActiveX control (ppctl.dll) 5.6.7.9 in CA eTrust PestPatrol allows remote attackers to execute arbitrary code via a long argument to the Initialize method.
|
|||||
| CVE-2006-5171 | 2 Broadcom, Ca | 3 Brightstor Arcserve Backup, Brightstor Enterprise Backup, Protection Suites | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the "Mediasvr.exe Overflow," a different vulnerability than CVE-2006-5172.
|
|||||
| CVE-2008-2511 | 1 Ca | 1 Internet Security Suite Plus 2008 | 2025-04-09 | 9.3 HIGH | N/A |
|
Directory traversal vulnerability in the UmxEventCli.CachedAuditDataList.1 (aka UmxEventCliLib) ActiveX control in UmxEventCli.dll in CA Internet Security Suite 2008 allows remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the argument to the SaveToFile method. NOTE: this can be leveraged for code execution by writing to a Startup folder. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2008-4400 | 2 Broadcom, Ca | 5 Arcserve Backup, Business Protection Suite, Server Protection Suite and 2 more | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation."
|
|||||
| CVE-2007-4620 | 2 Broadcom, Ca | 4 Anti-virus For The Enterprise, Brightstor Arcserve Backup, Brightstor Arcserve Backup and 1 more | 2025-04-09 | 9.0 HIGH | N/A |
|
Multiple stack-based buffer overflows in Computer Associates (CA) Alert Notification Service (Alert.exe) 8.1.586.0, 8.0.450.0, and 7.1.758.0, as used in multiple CA products including Anti-Virus for the Enterprise 7.1 through r11.1 and Threat Manager for the Enterprise 8.1 and r8, allow remote authenticated users to execute arbitrary code via crafted RPC requests.
|
|||||
| CVE-2007-5004 | 2 Broadcom, Ca | 3 Brightstor Arcserve Backup Laptops Desktops, Desktop Management Suite, Protection Suites | 2025-04-09 | 9.3 HIGH | N/A |
|
Integer overflow in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to execute arbitrary code via a long username and a certain "useless" password.
|
|||||
| CVE-2008-2241 | 2 Broadcom, Ca | 4 Brightstor Arcserve Backup, Server Protection Suite, Brightstor Arcserve Backup and 1 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file.
|
|||||
| CVE-2007-5326 | 2 Broadcom, Ca | 6 Brightstor Arcserve Backup, Brightstor Enterprise Backup, Business Protection Suite and 3 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2007-3334 | 3 Ca, Ingres, Microsoft | 3 Etrust Secure Content Manager, Database Server, All Windows | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors.
|
|||||
| CVE-2009-0682 | 1 Ca | 1 Internet Security Suite | 2025-04-09 | 2.1 LOW | N/A |
|
vetmonnt.sys in CA Internet Security Suite r3, vetmonnt.sys before 9.0.0.184 in Internet Security Suite r4, and vetmonnt.sys before 10.0.0.217 in Internet Security Suite r5 do not properly verify IOCTL calls, which allows local users to cause a denial of service (system crash) via a crafted call.
|
|||||
| CVE-2007-0672 | 2 Broadcom, Ca | 5 Brightstor Arcserve Backup Laptops Desktops, Business Protection Suite, Desktop Management Suite and 2 more | 2025-04-09 | 7.8 HIGH | N/A |
|
LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\Server\data\transfer\.
|
|||||
| CVE-2006-6076 | 2 Broadcom, Ca | 3 Brightstor Arcserve Backup, Brightstor Arcserve Backup, Brightstor Arcserve Backup Agent | 2025-04-09 | 10.0 HIGH | N/A |
|
Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to execute arbitrary code via certain RPC requests to TCP port 6502.
|
|||||
| CVE-2008-4398 | 2 Broadcom, Ca | 5 Arcserve Backup, Business Protection Suite, Server Protection Suite and 2 more | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request.
|
|||||
| CVE-2009-0043 | 1 Ca | 2 Service Level Management, Service Metric Analysis | 2025-04-09 | 10.0 HIGH | N/A |
|
The smmsnmpd service in CA Service Metric Analysis r11.0 through r11.1 SP1 and Service Level Management 3.5 does not properly restrict access, which allows remote attackers to execute arbitrary commands via unspecified vectors.
|
|||||
| CVE-2009-1761 | 1 Ca | 1 Arcserve Backup | 2025-04-09 | 5.0 MEDIUM | N/A |
|
The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote attackers to cause a denial of service (crash) via (1) an invalid 0x13 message, which is not properly handled in the ASCORE module, or (2) a 0x3B message with invalid stub data that triggers an RPC marshalling error.
|
|||||
| CVE-2007-5005 | 2 Broadcom, Ca | 3 Brightstor Arcserve Backup Laptops Desktops, Desktop Management Suite, Protection Suites | 2025-04-09 | 10.0 HIGH | N/A |
|
Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\ (dot dot backslash) sequence in the destination filename argument to sub-function 8 in the rxrReceiveFileFromServer command.
|
|||||
| CVE-2007-2523 | 2 Broadcom, Ca | 2 Integrated Threat Management, Anti-virus For The Enterprise | 2025-04-09 | 7.2 HIGH | N/A |
|
CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before 20070510 use weak permissions (NULL security descriptor) for the Task Service shared file mapping, which allows local users to modify this mapping and gain privileges by triggering a stack-based buffer overflow in InoCore.dll before 8.0.448.0.
|
|||||
| CVE-2007-2863 | 2 Broadcom, Ca | 6 Anti-virus For The Enterprise, Brightstor Arcserve Backup, Brightstor Enterprise Backup and 3 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a long filename in a .CAB file.
|
|||||
| CVE-2007-2772 | 1 Ca | 1 Brightstor Arcserve Backup | 2025-04-09 | 7.8 HIGH | N/A |
|
(1) caloggerd.exe (camt70.dll) and (2) mediasvr.exe (catirpc.dll and rwxdr.dll) in CA BrightStor Backup 11.5.2.0 SP2 allow remote attackers to cause a denial of service (NULL dereference and application crash) via a crafted RPC packet.
|
|||||
| CVE-2009-3588 | 4 Broadcom, Ca, Linux and 1 more | 35 Anti-virus, Anti-virus For The Enterprise, Anti-virus Sdk and 32 more | 2025-04-09 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587.
|
|||||
| CVE-2007-0673 | 2 Broadcom, Ca | 5 Brightstor Arcserve Backup Laptops Desktops, Business Protection Suite, Desktop Management Suite and 2 more | 2025-04-09 | 7.8 HIGH | N/A |
|
LGSERVER.EXE in BrightStor ARCserve Backup for Laptops & Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read.
|
|||||
| CVE-2007-3875 | 2 Broadcom, Ca | 23 Anti-spyware, Anti-virus For The Enterprise, Anti Virus Sdk and 20 more | 2025-04-09 | 4.3 MEDIUM | N/A |
|
arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file.
|
|||||
| CVE-2007-5329 | 2 Broadcom, Ca | 6 Brightstor Arcserve Backup, Brightstor Enterprise Backup, Business Protection Suite and 3 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption.
|
|||||
| CVE-2007-1005 | 2 Broadcom, Ca | 2 Etrust Intrusion Detection, Etrust Intrusion Detection | 2025-04-09 | 7.8 HIGH | N/A |
|
Heap-based buffer overflow in SW3eng.exe in the eID Engine service in CA (formerly Computer Associates) eTrust Intrusion Detection 3.0.5.57 and earlier allows remote attackers to cause a denial of service (application crash) via a long key length value to the remote administration port (9191/tcp).
|
|||||
| CVE-2008-4399 | 2 Broadcom, Ca | 5 Arcserve Backup, Business Protection Suite, Server Protection Suite and 2 more | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation."
|
|||||
| CVE-2007-2139 | 2 Broadcom, Ca | 5 Brightstor Arcserve Backup, Business Protection Suite, Server Protection Suite and 2 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785.
|
|||||
| CVE-2007-1785 | 2 Broadcom, Ca | 2 Brightstor Arcserve Backup, Brightstor Arcserve Backup | 2025-04-09 | 7.1 HIGH | N/A |
|
The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 SP2 build 4237 allows remote attackers to execute arbitrary code via crafted xdr_handle_t data in RPC packets, which is used in calculating an address for a function call, as demonstrated using the 191 (0xbf) RPC request.
|
|||||
| CVE-2008-2242 | 2 Broadcom, Ca | 2 Brightstor Arcserve Backup, Brightstor Arcserve Backup | 2025-04-09 | 7.5 HIGH | N/A |
|
Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function.
|
|||||