ReportizFlow
Filtered by vendor Ca
Subscriptions
Total
138 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5329 | 2 Broadcom, Ca | 6 Brightstor Arcserve Backup, Brightstor Enterprise Backup, Business Protection Suite and 3 more | 2025-04-09 | N/A |
| Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption. | ||||
| CVE-2009-2740 | 1 Ca | 1 Host-based Intrusion Prevention System | 2025-04-09 | N/A |
| kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention System (HIPS) 8.1 allows remote attackers to cause a denial of service (system crash) via a malformed packet. | ||||
| CVE-2009-1761 | 1 Ca | 1 Arcserve Backup | 2025-04-09 | N/A |
| The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote attackers to cause a denial of service (crash) via (1) an invalid 0x13 message, which is not properly handled in the ASCORE module, or (2) a 0x3B message with invalid stub data that triggers an RPC marshalling error. | ||||
| CVE-2009-0042 | 2 Broadcom, Ca | 19 Anti-spyware, Anti-spyware For The Enterprise, Anti-virus and 16 more | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file. | ||||
| CVE-2009-2026 | 1 Ca | 4 Advantage Data Transport, It Client Manager, Software Delivery and 1 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in a token searching function in the dtscore library in Data Transport Services in CA Software Delivery r11.2 C1, C2, C3, and SP4; Unicenter Software Delivery 4.0 C3; CA Advantage Data Transport 3.0 C1; and CA IT Client Manager r12 allows remote attackers to execute arbitrary code via crafted data. | ||||
| CVE-2008-4397 | 2 Broadcom, Ca | 5 Arcserve Backup, Business Protection Suite, Server Protection Suite and 2 more | 2025-04-09 | N/A |
| Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A. | ||||
| CVE-2008-4399 | 2 Broadcom, Ca | 5 Arcserve Backup, Business Protection Suite, Server Protection Suite and 2 more | 2025-04-09 | N/A |
| Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation." | ||||
| CVE-2007-2772 | 1 Ca | 1 Brightstor Arcserve Backup | 2025-04-09 | N/A |
| (1) caloggerd.exe (camt70.dll) and (2) mediasvr.exe (catirpc.dll and rwxdr.dll) in CA BrightStor Backup 11.5.2.0 SP2 allow remote attackers to cause a denial of service (NULL dereference and application crash) via a crafted RPC packet. | ||||
| CVE-2007-3334 | 3 Ca, Ingres, Microsoft | 3 Etrust Secure Content Manager, Database Server, All Windows | 2025-04-09 | N/A |
| Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2006-5171 | 2 Broadcom, Ca | 3 Brightstor Arcserve Backup, Brightstor Enterprise Backup, Protection Suites | 2025-04-09 | N/A |
| Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the "Mediasvr.exe Overflow," a different vulnerability than CVE-2006-5172. | ||||
| CVE-2007-0673 | 2 Broadcom, Ca | 5 Brightstor Arcserve Backup Laptops Desktops, Business Protection Suite, Desktop Management Suite and 2 more | 2025-04-09 | N/A |
| LGSERVER.EXE in BrightStor ARCserve Backup for Laptops & Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read. | ||||
| CVE-2009-0682 | 1 Ca | 1 Internet Security Suite | 2025-04-09 | N/A |
| vetmonnt.sys in CA Internet Security Suite r3, vetmonnt.sys before 9.0.0.184 in Internet Security Suite r4, and vetmonnt.sys before 10.0.0.217 in Internet Security Suite r5 do not properly verify IOCTL calls, which allows local users to cause a denial of service (system crash) via a crafted call. | ||||
| CVE-2007-1785 | 2 Broadcom, Ca | 2 Brightstor Arcserve Backup, Brightstor Arcserve Backup | 2025-04-09 | N/A |
| The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 SP2 build 4237 allows remote attackers to execute arbitrary code via crafted xdr_handle_t data in RPC packets, which is used in calculating an address for a function call, as demonstrated using the 191 (0xbf) RPC request. | ||||
| CVE-2007-3302 | 2 Broadcom, Ca | 2 Etrust Intrusion Detection, Etrust Intrusion Detection | 2025-04-09 | N/A |
| The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before 3.0.5.81, in CA (formerly Computer Associates) eTrust Intrusion Detection allows remote attackers to load arbitrary DLLs on a client system, and execute code from these DLLs, via unspecified "scriptable functions." | ||||
| CVE-2008-2511 | 1 Ca | 1 Internet Security Suite Plus 2008 | 2025-04-09 | N/A |
| Directory traversal vulnerability in the UmxEventCli.CachedAuditDataList.1 (aka UmxEventCliLib) ActiveX control in UmxEventCli.dll in CA Internet Security Suite 2008 allows remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the argument to the SaveToFile method. NOTE: this can be leveraged for code execution by writing to a Startup folder. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-2926 | 2 Broadcom, Ca | 5 Internet Security Suite, Host Based Intrusion Prevention System, Internet Security Suite 2008 and 2 more | 2025-04-09 | N/A |
| The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request. | ||||
| CVE-2009-4225 | 1 Ca | 1 Etrust Pestpatrole Ppctl.dll Activex | 2025-04-09 | N/A |
| Stack-based buffer overflow in the PestPatrol ActiveX control (ppctl.dll) 5.6.7.9 in CA eTrust PestPatrol allows remote attackers to execute arbitrary code via a long argument to the Initialize method. | ||||
| CVE-2007-1005 | 2 Broadcom, Ca | 2 Etrust Intrusion Detection, Etrust Intrusion Detection | 2025-04-09 | N/A |
| Heap-based buffer overflow in SW3eng.exe in the eID Engine service in CA (formerly Computer Associates) eTrust Intrusion Detection 3.0.5.57 and earlier allows remote attackers to cause a denial of service (application crash) via a long key length value to the remote administration port (9191/tcp). | ||||
| CVE-2008-4119 | 2 Broadcom, Ca | 2 Service Desk, Cmdb | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CA Service Desk 11.2 and CMDB 11.0 through 11.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving "multiple web forms." | ||||
| CVE-2008-4398 | 2 Broadcom, Ca | 5 Arcserve Backup, Business Protection Suite, Server Protection Suite and 2 more | 2025-04-09 | N/A |
| Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request. | ||||