CVE-2011-2667
N/A
N/A
Summary
Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Security 8.1 before 8.1.0.69 and CA Total Defense r12, does not properly parse URLs, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and daemon crash) via a malformed request.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.zerodayinitiative.com/advisories/ZDI-11-237/
- http://www.securityfocus.com/archive/1/518935/100/0/threaded
- http://securitytracker.com/id?1025812
- http://securityreason.com/securityalert/8316
- http://www.securityfocus.com/archive/1/518934/100/0/threaded
- http://www.securityfocus.com/bid/48813
- https://exchange.xforce.ibmcloud.com/vulnerabilities/68736
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B5E404992-6B58-4C44-A29D-027D05B6285D%7D
- http://securitytracker.com/id?1025813
- http://secunia.com/advisories/45332
References
- http://www.zerodayinitiative.com/advisories/ZDI-11-237/
- http://www.securityfocus.com/archive/1/518935/100/0/threaded
- http://securitytracker.com/id?1025812
- http://securityreason.com/securityalert/8316
- http://www.securityfocus.com/archive/1/518934/100/0/threaded
- http://www.securityfocus.com/bid/48813
- https://exchange.xforce.ibmcloud.com/vulnerabilities/68736
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B5E404992-6B58-4C44-A29D-027D05B6285D%7D
- http://securitytracker.com/id?1025813
- http://secunia.com/advisories/45332
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.