Search

Find a vulnerability

Search criteria

    12 vulnerabilities found for etrust_integrated_threat_management by broadcom

    CVE-2009-3588 (GCVE-0-2009-3588)

    Vulnerability from nvd – Published: 2009-10-13 10:00 – Updated: 2024-08-07 06:31
    VLAI
    Summary
    Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://support.ca.com/irj/portal/anonymous/phpsup… x_refsource_CONFIRM
    http://secunia.com/advisories/36976 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1022999 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2009/2852 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/archive/1/507068/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/36653 vdb-entryx_refsource_BID
    Date Public
    2009-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:31:10.558Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ca-rar-dos(53698)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53698"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
              },
              {
                "name": "36976",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36976"
              },
              {
                "name": "1022999",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1022999"
              },
              {
                "name": "ADV-2009-2852",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/2852"
              },
              {
                "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
              },
              {
                "name": "36653",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/36653"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ca-rar-dos(53698)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53698"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
            },
            {
              "name": "36976",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36976"
            },
            {
              "name": "1022999",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1022999"
            },
            {
              "name": "ADV-2009-2852",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/2852"
            },
            {
              "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
            },
            {
              "name": "36653",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/36653"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-3588",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ca-rar-dos(53698)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53698"
                },
                {
                  "name": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878",
                  "refsource": "CONFIRM",
                  "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
                },
                {
                  "name": "36976",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/36976"
                },
                {
                  "name": "1022999",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1022999"
                },
                {
                  "name": "ADV-2009-2852",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/2852"
                },
                {
                  "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
                },
                {
                  "name": "36653",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/36653"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-3588",
        "datePublished": "2009-10-13T10:00:00.000Z",
        "dateReserved": "2009-10-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:31:10.558Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3587 (GCVE-0-2009-3587)

    Vulnerability from nvd – Published: 2009-10-13 10:00 – Updated: 2024-08-07 06:31
    VLAI
    Summary
    Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://support.ca.com/irj/portal/anonymous/phpsup… x_refsource_CONFIRM
    http://osvdb.org/58691 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/36976 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1022999 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2009/2852 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/507068/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/36653 vdb-entryx_refsource_BID
    Date Public
    2009-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:31:10.544Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
              },
              {
                "name": "58691",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/58691"
              },
              {
                "name": "36976",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36976"
              },
              {
                "name": "1022999",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1022999"
              },
              {
                "name": "ADV-2009-2852",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/2852"
              },
              {
                "name": "ca-rar-code-execution(53697)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
              },
              {
                "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
              },
              {
                "name": "36653",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/36653"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
            },
            {
              "name": "58691",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/58691"
            },
            {
              "name": "36976",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36976"
            },
            {
              "name": "1022999",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1022999"
            },
            {
              "name": "ADV-2009-2852",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/2852"
            },
            {
              "name": "ca-rar-code-execution(53697)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
            },
            {
              "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
            },
            {
              "name": "36653",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/36653"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-3587",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878",
                  "refsource": "CONFIRM",
                  "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
                },
                {
                  "name": "58691",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/58691"
                },
                {
                  "name": "36976",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/36976"
                },
                {
                  "name": "1022999",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1022999"
                },
                {
                  "name": "ADV-2009-2852",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/2852"
                },
                {
                  "name": "ca-rar-code-execution(53697)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
                },
                {
                  "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
                },
                {
                  "name": "36653",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/36653"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-3587",
        "datePublished": "2009-10-13T10:00:00.000Z",
        "dateReserved": "2009-10-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:31:10.544Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5439 (GCVE-0-2007-5439)

    Vulnerability from nvd – Published: 2007-10-13 01:00 – Updated: 2024-08-07 15:31
    VLAI
    Summary
    CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 stores sensitive user information in log files with predictable names, which allows remote attackers to obtain this information via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/3219 third-party-advisoryx_refsource_SREASON
    http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf x_refsource_MISC
    http://www.securityfocus.com/bid/26012 vdb-entryx_refsource_BID
    http://osvdb.org/43487 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/archive/1/482021/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2007-10-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:31:58.750Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3219",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3219"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf"
              },
              {
                "name": "26012",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26012"
              },
              {
                "name": "43487",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/43487"
              },
              {
                "name": "20071010 [ELEYTT] 10PAZDZIERNIK2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 stores sensitive user information in log files with predictable names, which allows remote attackers to obtain this information via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3219",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3219"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf"
            },
            {
              "name": "26012",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26012"
            },
            {
              "name": "43487",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/43487"
            },
            {
              "name": "20071010 [ELEYTT] 10PAZDZIERNIK2007",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5439",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 stores sensitive user information in log files with predictable names, which allows remote attackers to obtain this information via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3219",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3219"
                },
                {
                  "name": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf",
                  "refsource": "MISC",
                  "url": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf"
                },
                {
                  "name": "26012",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26012"
                },
                {
                  "name": "43487",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/43487"
                },
                {
                  "name": "20071010 [ELEYTT] 10PAZDZIERNIK2007",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5439",
        "datePublished": "2007-10-13T01:00:00.000Z",
        "dateReserved": "2007-10-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:31:58.750Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5437 (GCVE-0-2007-5437)

    Vulnerability from nvd – Published: 2007-10-13 01:00 – Updated: 2024-08-07 15:31
    VLAI
    Summary
    The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/3219 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/482021/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/26013 vdb-entryx_refsource_BID
    http://www.eleytt.com/advisories/eleytt_ETRUSTITM2.pdf x_refsource_MISC
    http://osvdb.org/43482 vdb-entryx_refsource_OSVDB
    Date Public
    2007-10-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:31:58.319Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3219",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3219"
              },
              {
                "name": "20071010 [ELEYTT] 10PAZDZIERNIK2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
              },
              {
                "name": "26013",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26013"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM2.pdf"
              },
              {
                "name": "43482",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/43482"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3219",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3219"
            },
            {
              "name": "20071010 [ELEYTT] 10PAZDZIERNIK2007",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
            },
            {
              "name": "26013",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26013"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM2.pdf"
            },
            {
              "name": "43482",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/43482"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5437",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3219",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3219"
                },
                {
                  "name": "20071010 [ELEYTT] 10PAZDZIERNIK2007",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
                },
                {
                  "name": "26013",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26013"
                },
                {
                  "name": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM2.pdf",
                  "refsource": "MISC",
                  "url": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM2.pdf"
                },
                {
                  "name": "43482",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/43482"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5437",
        "datePublished": "2007-10-13T01:00:00.000Z",
        "dateReserved": "2007-10-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:31:58.319Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2522 (GCVE-0-2007-2522)

    Vulnerability from nvd – Published: 2007-05-11 03:55 – Updated: 2024-08-07 13:42
    VLAI
    Summary
    Stack-based buffer overflow in the inoweb Console Server in CA Anti-Virus for the Enterprise r8, Threat Manager r8, Anti-Spyware for the Enterprise r8, and Protection Suites r3 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://supportconnectw.ca.com/public/antivirus/in… x_refsource_CONFIRM
    http://www.securitytracker.com/id?1018043 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/34585 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2007/1750 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/23906 vdb-entryx_refsource_BID
    http://secunia.com/advisories/25202 third-party-advisoryx_refsource_SECUNIA
    http://www.zerodayinitiative.com/advisories/ZDI-0… x_refsource_MISC
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.kb.cert.org/vuls/id/680616 third-party-advisoryx_refsource_CERT-VN
    http://www.securityfocus.com/archive/1/468304/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2007-05-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:42:33.373Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caav-secnotice050807.asp"
              },
              {
                "name": "1018043",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018043"
              },
              {
                "name": "ca-console-server-bo(34204)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34204"
              },
              {
                "name": "34585",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/34585"
              },
              {
                "name": "ADV-2007-1750",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1750"
              },
              {
                "name": "23906",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23906"
              },
              {
                "name": "25202",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25202"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-028.html"
              },
              {
                "name": "20050711 [CAID 35330, 35331]: CA Anti-Virus, CA Threat Manager, and CA Anti-Spyware Console Login and File Mapping Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063275.html"
              },
              {
                "name": "VU#680616",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/680616"
              },
              {
                "name": "20070511 ZDI-07-028: CA eTrust AntiVirus Server inoweb Buffer Overflow Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/468304/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-05-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the inoweb Console Server in CA Anti-Virus for the Enterprise r8, Threat Manager r8, Anti-Spyware for the Enterprise r8, and Protection Suites r3 allows remote attackers to execute arbitrary code via a long (1) username or (2) password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caav-secnotice050807.asp"
            },
            {
              "name": "1018043",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018043"
            },
            {
              "name": "ca-console-server-bo(34204)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34204"
            },
            {
              "name": "34585",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/34585"
            },
            {
              "name": "ADV-2007-1750",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1750"
            },
            {
              "name": "23906",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23906"
            },
            {
              "name": "25202",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25202"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-028.html"
            },
            {
              "name": "20050711 [CAID 35330, 35331]: CA Anti-Virus, CA Threat Manager, and CA Anti-Spyware Console Login and File Mapping Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063275.html"
            },
            {
              "name": "VU#680616",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/680616"
            },
            {
              "name": "20070511 ZDI-07-028: CA eTrust AntiVirus Server inoweb Buffer Overflow Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/468304/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2522",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the inoweb Console Server in CA Anti-Virus for the Enterprise r8, Threat Manager r8, Anti-Spyware for the Enterprise r8, and Protection Suites r3 allows remote attackers to execute arbitrary code via a long (1) username or (2) password."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://supportconnectw.ca.com/public/antivirus/infodocs/caav-secnotice050807.asp",
                  "refsource": "CONFIRM",
                  "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caav-secnotice050807.asp"
                },
                {
                  "name": "1018043",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018043"
                },
                {
                  "name": "ca-console-server-bo(34204)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34204"
                },
                {
                  "name": "34585",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/34585"
                },
                {
                  "name": "ADV-2007-1750",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1750"
                },
                {
                  "name": "23906",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23906"
                },
                {
                  "name": "25202",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25202"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-028.html",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-028.html"
                },
                {
                  "name": "20050711 [CAID 35330, 35331]: CA Anti-Virus, CA Threat Manager, and CA Anti-Spyware Console Login and File Mapping Vulnerabilities",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063275.html"
                },
                {
                  "name": "VU#680616",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/680616"
                },
                {
                  "name": "20070511 ZDI-07-028: CA eTrust AntiVirus Server inoweb Buffer Overflow Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/468304/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2522",
        "datePublished": "2007-05-11T03:55:00.000Z",
        "dateReserved": "2007-05-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:42:33.373Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3653 (GCVE-0-2005-3653)

    Vulnerability from nvd – Published: 2006-01-23 20:00 – Updated: 2024-08-07 23:17
    VLAI
    Summary
    Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1015526 vdb-entryx_refsource_SECTRACK
    http://marc.info/?l=full-disclosure&m=11380334971… mailing-listx_refsource_FULLDISC
    http://www.osvdb.org/22688 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/18591 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/16354 vdb-entryx_refsource_BID
    http://www3.ca.com/securityadvisor/vulninfo/vuln.… x_refsource_CONFIRM
    http://securityreason.com/securityalert/380 third-party-advisoryx_refsource_SREASON
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2006/0311 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/archive/1/423288/100… mailing-listx_refsource_BUGTRAQ
    http://www.idefense.com/intelligence/vulnerabilit… third-party-advisoryx_refsource_IDEFENSE
    http://www.securityfocus.com/archive/1/423403/100… mailing-listx_refsource_BUGTRAQ
    http://supportconnectw.ca.com/public/ca_common_do… x_refsource_CONFIRM
    Date Public
    2006-01-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:17:23.637Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1015526",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015526"
              },
              {
                "name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
              },
              {
                "name": "22688",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/22688"
              },
              {
                "name": "18591",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18591"
              },
              {
                "name": "16354",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16354"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
              },
              {
                "name": "380",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/380"
              },
              {
                "name": "ca-igateway-contentlength-bo(24269)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
              },
              {
                "name": "ADV-2006-0311",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0311"
              },
              {
                "name": "20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
              },
              {
                "name": "20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
              },
              {
                "name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1015526",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015526"
            },
            {
              "name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
            },
            {
              "name": "22688",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/22688"
            },
            {
              "name": "18591",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18591"
            },
            {
              "name": "16354",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16354"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
            },
            {
              "name": "380",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/380"
            },
            {
              "name": "ca-igateway-contentlength-bo(24269)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
            },
            {
              "name": "ADV-2006-0311",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0311"
            },
            {
              "name": "20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
            },
            {
              "name": "20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
            },
            {
              "name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3653",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1015526",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015526"
                },
                {
                  "name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
                },
                {
                  "name": "22688",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/22688"
                },
                {
                  "name": "18591",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18591"
                },
                {
                  "name": "16354",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16354"
                },
                {
                  "name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778",
                  "refsource": "CONFIRM",
                  "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
                },
                {
                  "name": "380",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/380"
                },
                {
                  "name": "ca-igateway-contentlength-bo(24269)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
                },
                {
                  "name": "ADV-2006-0311",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0311"
                },
                {
                  "name": "20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
                },
                {
                  "name": "20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
                },
                {
                  "name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
                },
                {
                  "name": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp",
                  "refsource": "CONFIRM",
                  "url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3653",
        "datePublished": "2006-01-23T20:00:00.000Z",
        "dateReserved": "2005-11-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:17:23.637Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3587 (GCVE-0-2009-3587)

    Vulnerability from cvelistv5 – Published: 2009-10-13 10:00 – Updated: 2024-08-07 06:31
    VLAI
    Summary
    Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://support.ca.com/irj/portal/anonymous/phpsup… x_refsource_CONFIRM
    http://osvdb.org/58691 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/36976 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1022999 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2009/2852 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/507068/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/36653 vdb-entryx_refsource_BID
    Date Public
    2009-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:31:10.544Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
              },
              {
                "name": "58691",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/58691"
              },
              {
                "name": "36976",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36976"
              },
              {
                "name": "1022999",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1022999"
              },
              {
                "name": "ADV-2009-2852",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/2852"
              },
              {
                "name": "ca-rar-code-execution(53697)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
              },
              {
                "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
              },
              {
                "name": "36653",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/36653"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
            },
            {
              "name": "58691",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/58691"
            },
            {
              "name": "36976",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36976"
            },
            {
              "name": "1022999",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1022999"
            },
            {
              "name": "ADV-2009-2852",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/2852"
            },
            {
              "name": "ca-rar-code-execution(53697)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
            },
            {
              "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
            },
            {
              "name": "36653",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/36653"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-3587",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878",
                  "refsource": "CONFIRM",
                  "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
                },
                {
                  "name": "58691",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/58691"
                },
                {
                  "name": "36976",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/36976"
                },
                {
                  "name": "1022999",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1022999"
                },
                {
                  "name": "ADV-2009-2852",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/2852"
                },
                {
                  "name": "ca-rar-code-execution(53697)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
                },
                {
                  "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
                },
                {
                  "name": "36653",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/36653"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-3587",
        "datePublished": "2009-10-13T10:00:00.000Z",
        "dateReserved": "2009-10-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:31:10.544Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3588 (GCVE-0-2009-3588)

    Vulnerability from cvelistv5 – Published: 2009-10-13 10:00 – Updated: 2024-08-07 06:31
    VLAI
    Summary
    Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://support.ca.com/irj/portal/anonymous/phpsup… x_refsource_CONFIRM
    http://secunia.com/advisories/36976 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1022999 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2009/2852 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/archive/1/507068/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/36653 vdb-entryx_refsource_BID
    Date Public
    2009-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:31:10.558Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ca-rar-dos(53698)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53698"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
              },
              {
                "name": "36976",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36976"
              },
              {
                "name": "1022999",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1022999"
              },
              {
                "name": "ADV-2009-2852",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/2852"
              },
              {
                "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
              },
              {
                "name": "36653",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/36653"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ca-rar-dos(53698)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53698"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
            },
            {
              "name": "36976",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36976"
            },
            {
              "name": "1022999",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1022999"
            },
            {
              "name": "ADV-2009-2852",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/2852"
            },
            {
              "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
            },
            {
              "name": "36653",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/36653"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-3588",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ca-rar-dos(53698)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53698"
                },
                {
                  "name": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878",
                  "refsource": "CONFIRM",
                  "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
                },
                {
                  "name": "36976",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/36976"
                },
                {
                  "name": "1022999",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1022999"
                },
                {
                  "name": "ADV-2009-2852",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/2852"
                },
                {
                  "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
                },
                {
                  "name": "36653",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/36653"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-3588",
        "datePublished": "2009-10-13T10:00:00.000Z",
        "dateReserved": "2009-10-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:31:10.558Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5439 (GCVE-0-2007-5439)

    Vulnerability from cvelistv5 – Published: 2007-10-13 01:00 – Updated: 2024-08-07 15:31
    VLAI
    Summary
    CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 stores sensitive user information in log files with predictable names, which allows remote attackers to obtain this information via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/3219 third-party-advisoryx_refsource_SREASON
    http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf x_refsource_MISC
    http://www.securityfocus.com/bid/26012 vdb-entryx_refsource_BID
    http://osvdb.org/43487 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/archive/1/482021/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2007-10-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:31:58.750Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3219",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3219"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf"
              },
              {
                "name": "26012",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26012"
              },
              {
                "name": "43487",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/43487"
              },
              {
                "name": "20071010 [ELEYTT] 10PAZDZIERNIK2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 stores sensitive user information in log files with predictable names, which allows remote attackers to obtain this information via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3219",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3219"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf"
            },
            {
              "name": "26012",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26012"
            },
            {
              "name": "43487",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/43487"
            },
            {
              "name": "20071010 [ELEYTT] 10PAZDZIERNIK2007",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5439",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 stores sensitive user information in log files with predictable names, which allows remote attackers to obtain this information via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3219",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3219"
                },
                {
                  "name": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf",
                  "refsource": "MISC",
                  "url": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf"
                },
                {
                  "name": "26012",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26012"
                },
                {
                  "name": "43487",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/43487"
                },
                {
                  "name": "20071010 [ELEYTT] 10PAZDZIERNIK2007",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5439",
        "datePublished": "2007-10-13T01:00:00.000Z",
        "dateReserved": "2007-10-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:31:58.750Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5437 (GCVE-0-2007-5437)

    Vulnerability from cvelistv5 – Published: 2007-10-13 01:00 – Updated: 2024-08-07 15:31
    VLAI
    Summary
    The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/3219 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/482021/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/26013 vdb-entryx_refsource_BID
    http://www.eleytt.com/advisories/eleytt_ETRUSTITM2.pdf x_refsource_MISC
    http://osvdb.org/43482 vdb-entryx_refsource_OSVDB
    Date Public
    2007-10-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:31:58.319Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3219",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3219"
              },
              {
                "name": "20071010 [ELEYTT] 10PAZDZIERNIK2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
              },
              {
                "name": "26013",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26013"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM2.pdf"
              },
              {
                "name": "43482",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/43482"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3219",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3219"
            },
            {
              "name": "20071010 [ELEYTT] 10PAZDZIERNIK2007",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
            },
            {
              "name": "26013",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26013"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM2.pdf"
            },
            {
              "name": "43482",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/43482"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5437",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3219",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3219"
                },
                {
                  "name": "20071010 [ELEYTT] 10PAZDZIERNIK2007",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
                },
                {
                  "name": "26013",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26013"
                },
                {
                  "name": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM2.pdf",
                  "refsource": "MISC",
                  "url": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM2.pdf"
                },
                {
                  "name": "43482",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/43482"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5437",
        "datePublished": "2007-10-13T01:00:00.000Z",
        "dateReserved": "2007-10-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:31:58.319Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2522 (GCVE-0-2007-2522)

    Vulnerability from cvelistv5 – Published: 2007-05-11 03:55 – Updated: 2024-08-07 13:42
    VLAI
    Summary
    Stack-based buffer overflow in the inoweb Console Server in CA Anti-Virus for the Enterprise r8, Threat Manager r8, Anti-Spyware for the Enterprise r8, and Protection Suites r3 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://supportconnectw.ca.com/public/antivirus/in… x_refsource_CONFIRM
    http://www.securitytracker.com/id?1018043 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/34585 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2007/1750 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/23906 vdb-entryx_refsource_BID
    http://secunia.com/advisories/25202 third-party-advisoryx_refsource_SECUNIA
    http://www.zerodayinitiative.com/advisories/ZDI-0… x_refsource_MISC
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.kb.cert.org/vuls/id/680616 third-party-advisoryx_refsource_CERT-VN
    http://www.securityfocus.com/archive/1/468304/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2007-05-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:42:33.373Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caav-secnotice050807.asp"
              },
              {
                "name": "1018043",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018043"
              },
              {
                "name": "ca-console-server-bo(34204)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34204"
              },
              {
                "name": "34585",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/34585"
              },
              {
                "name": "ADV-2007-1750",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1750"
              },
              {
                "name": "23906",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23906"
              },
              {
                "name": "25202",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25202"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-028.html"
              },
              {
                "name": "20050711 [CAID 35330, 35331]: CA Anti-Virus, CA Threat Manager, and CA Anti-Spyware Console Login and File Mapping Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063275.html"
              },
              {
                "name": "VU#680616",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/680616"
              },
              {
                "name": "20070511 ZDI-07-028: CA eTrust AntiVirus Server inoweb Buffer Overflow Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/468304/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-05-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the inoweb Console Server in CA Anti-Virus for the Enterprise r8, Threat Manager r8, Anti-Spyware for the Enterprise r8, and Protection Suites r3 allows remote attackers to execute arbitrary code via a long (1) username or (2) password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caav-secnotice050807.asp"
            },
            {
              "name": "1018043",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018043"
            },
            {
              "name": "ca-console-server-bo(34204)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34204"
            },
            {
              "name": "34585",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/34585"
            },
            {
              "name": "ADV-2007-1750",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1750"
            },
            {
              "name": "23906",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23906"
            },
            {
              "name": "25202",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25202"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-028.html"
            },
            {
              "name": "20050711 [CAID 35330, 35331]: CA Anti-Virus, CA Threat Manager, and CA Anti-Spyware Console Login and File Mapping Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063275.html"
            },
            {
              "name": "VU#680616",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/680616"
            },
            {
              "name": "20070511 ZDI-07-028: CA eTrust AntiVirus Server inoweb Buffer Overflow Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/468304/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2522",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the inoweb Console Server in CA Anti-Virus for the Enterprise r8, Threat Manager r8, Anti-Spyware for the Enterprise r8, and Protection Suites r3 allows remote attackers to execute arbitrary code via a long (1) username or (2) password."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://supportconnectw.ca.com/public/antivirus/infodocs/caav-secnotice050807.asp",
                  "refsource": "CONFIRM",
                  "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caav-secnotice050807.asp"
                },
                {
                  "name": "1018043",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018043"
                },
                {
                  "name": "ca-console-server-bo(34204)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34204"
                },
                {
                  "name": "34585",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/34585"
                },
                {
                  "name": "ADV-2007-1750",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1750"
                },
                {
                  "name": "23906",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/23906"
                },
                {
                  "name": "25202",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25202"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-028.html",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-028.html"
                },
                {
                  "name": "20050711 [CAID 35330, 35331]: CA Anti-Virus, CA Threat Manager, and CA Anti-Spyware Console Login and File Mapping Vulnerabilities",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063275.html"
                },
                {
                  "name": "VU#680616",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/680616"
                },
                {
                  "name": "20070511 ZDI-07-028: CA eTrust AntiVirus Server inoweb Buffer Overflow Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/468304/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2522",
        "datePublished": "2007-05-11T03:55:00.000Z",
        "dateReserved": "2007-05-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:42:33.373Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3653 (GCVE-0-2005-3653)

    Vulnerability from cvelistv5 – Published: 2006-01-23 20:00 – Updated: 2024-08-07 23:17
    VLAI
    Summary
    Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1015526 vdb-entryx_refsource_SECTRACK
    http://marc.info/?l=full-disclosure&m=11380334971… mailing-listx_refsource_FULLDISC
    http://www.osvdb.org/22688 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/18591 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/16354 vdb-entryx_refsource_BID
    http://www3.ca.com/securityadvisor/vulninfo/vuln.… x_refsource_CONFIRM
    http://securityreason.com/securityalert/380 third-party-advisoryx_refsource_SREASON
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2006/0311 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/archive/1/423288/100… mailing-listx_refsource_BUGTRAQ
    http://www.idefense.com/intelligence/vulnerabilit… third-party-advisoryx_refsource_IDEFENSE
    http://www.securityfocus.com/archive/1/423403/100… mailing-listx_refsource_BUGTRAQ
    http://supportconnectw.ca.com/public/ca_common_do… x_refsource_CONFIRM
    Date Public
    2006-01-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:17:23.637Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1015526",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015526"
              },
              {
                "name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
              },
              {
                "name": "22688",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/22688"
              },
              {
                "name": "18591",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18591"
              },
              {
                "name": "16354",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16354"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
              },
              {
                "name": "380",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/380"
              },
              {
                "name": "ca-igateway-contentlength-bo(24269)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
              },
              {
                "name": "ADV-2006-0311",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0311"
              },
              {
                "name": "20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
              },
              {
                "name": "20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
              },
              {
                "name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1015526",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015526"
            },
            {
              "name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
            },
            {
              "name": "22688",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/22688"
            },
            {
              "name": "18591",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18591"
            },
            {
              "name": "16354",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16354"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
            },
            {
              "name": "380",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/380"
            },
            {
              "name": "ca-igateway-contentlength-bo(24269)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
            },
            {
              "name": "ADV-2006-0311",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0311"
            },
            {
              "name": "20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
            },
            {
              "name": "20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
            },
            {
              "name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3653",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1015526",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015526"
                },
                {
                  "name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
                },
                {
                  "name": "22688",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/22688"
                },
                {
                  "name": "18591",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18591"
                },
                {
                  "name": "16354",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16354"
                },
                {
                  "name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778",
                  "refsource": "CONFIRM",
                  "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
                },
                {
                  "name": "380",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/380"
                },
                {
                  "name": "ca-igateway-contentlength-bo(24269)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
                },
                {
                  "name": "ADV-2006-0311",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0311"
                },
                {
                  "name": "20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
                },
                {
                  "name": "20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
                },
                {
                  "name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
                },
                {
                  "name": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp",
                  "refsource": "CONFIRM",
                  "url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3653",
        "datePublished": "2006-01-23T20:00:00.000Z",
        "dateReserved": "2005-11-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:17:23.637Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }