Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for host-based_intrusion_prevention_system by ca

    CVE-2011-1036 (GCVE-0-2011-1036)

    Vulnerability from nvd – Published: 2011-02-25 17:00 – Updated: 2024-08-06 22:14
    VLAI
    Summary
    The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2011/0496 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/43490 third-party-advisoryx_refsource_SECUNIA
    http://www.zerodayinitiative.com/advisories/ZDI-11-093 x_refsource_MISC
    http://secunia.com/advisories/43377 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/46539 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/516649/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/8106 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/516687/100… mailing-listx_refsource_BUGTRAQ
    http://www.securitytracker.com/id?1025120 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://support.ca.com/irj/portal/anonymous/phpsu… x_refsource_CONFIRM
    Date Public
    2011-02-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:14:27.259Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2011-0496",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0496"
              },
              {
                "name": "43490",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43490"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-093"
              },
              {
                "name": "43377",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43377"
              },
              {
                "name": "46539",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/46539"
              },
              {
                "name": "20110223 ZDI-11-093: CA Internet Security Suite HIPS XML Security Database Parser Class Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/516649/100/0/threaded"
              },
              {
                "name": "8106",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/8106"
              },
              {
                "name": "20110225 CA20110223-01: Security Notice for CA Host-Based Intrusion Prevention System",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/516687/100/0/threaded"
              },
              {
                "name": "1025120",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1025120"
              },
              {
                "name": "ca-products-activex-file-overwrite(65632)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65632"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4%7D"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-02-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-09T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2011-0496",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0496"
            },
            {
              "name": "43490",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43490"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-093"
            },
            {
              "name": "43377",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43377"
            },
            {
              "name": "46539",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/46539"
            },
            {
              "name": "20110223 ZDI-11-093: CA Internet Security Suite HIPS XML Security Database Parser Class Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/516649/100/0/threaded"
            },
            {
              "name": "8106",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/8106"
            },
            {
              "name": "20110225 CA20110223-01: Security Notice for CA Host-Based Intrusion Prevention System",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/516687/100/0/threaded"
            },
            {
              "name": "1025120",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1025120"
            },
            {
              "name": "ca-products-activex-file-overwrite(65632)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65632"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4%7D"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-1036",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2011-0496",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0496"
                },
                {
                  "name": "43490",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43490"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-11-093",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-093"
                },
                {
                  "name": "43377",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43377"
                },
                {
                  "name": "46539",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/46539"
                },
                {
                  "name": "20110223 ZDI-11-093: CA Internet Security Suite HIPS XML Security Database Parser Class Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/516649/100/0/threaded"
                },
                {
                  "name": "8106",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/8106"
                },
                {
                  "name": "20110225 CA20110223-01: Security Notice for CA Host-Based Intrusion Prevention System",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/516687/100/0/threaded"
                },
                {
                  "name": "1025120",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1025120"
                },
                {
                  "name": "ca-products-activex-file-overwrite(65632)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65632"
                },
                {
                  "name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}",
                  "refsource": "CONFIRM",
                  "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-1036",
        "datePublished": "2011-02-25T17:00:00.000Z",
        "dateReserved": "2011-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:14:27.259Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-2740 (GCVE-0-2009-2740)

    Vulnerability from nvd – Published: 2009-08-19 17:00 – Updated: 2024-08-07 05:59
    VLAI
    Summary
    kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention System (HIPS) 8.1 allows remote attackers to cause a denial of service (system crash) via a malformed packet.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2009-08-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:59:57.207Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20090818 CA20090818-01: Security Notice for CA Host-Based Intrusion Prevention System",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/505881/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214665"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-08-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention System (HIPS) 8.1 allows remote attackers to cause a denial of service (system crash) via a malformed packet."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20090818 CA20090818-01: Security Notice for CA Host-Based Intrusion Prevention System",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/505881/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214665"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-2740",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention System (HIPS) 8.1 allows remote attackers to cause a denial of service (system crash) via a malformed packet."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20090818 CA20090818-01: Security Notice for CA Host-Based Intrusion Prevention System",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/505881/100/0/threaded"
                },
                {
                  "name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214665",
                  "refsource": "CONFIRM",
                  "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214665"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-2740",
        "datePublished": "2009-08-19T17:00:00.000Z",
        "dateReserved": "2009-08-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:59:57.207Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6952 (GCVE-0-2006-6952)

    Vulnerability from nvd – Published: 2007-01-24 23:00 – Updated: 2024-08-07 20:50
    VLAI
    Summary
    Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www3.ca.com/securityadvisor/newsinfo/colla… x_refsource_CONFIRM
    http://www.securityfocus.com/archive/1/452286/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/21140 vdb-entryx_refsource_BID
    http://www.osvdb.org/30497 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/archive/1/451952/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/22972 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/30498 vdb-entryx_refsource_OSVDB
    http://www3.ca.com/securityadvisor/vulninfo/vuln.… x_refsource_CONFIRM
    http://www.securityfocus.com/archive/1/458040/100… mailing-listx_refsource_BUGTRAQ
    http://www.reversemode.com/index.php?option=com_r… x_refsource_MISC
    Date Public
    2006-11-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:50:05.694Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729"
              },
              {
                "name": "20061121 RE: [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/452286/100/0/threaded"
              },
              {
                "name": "21140",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21140"
              },
              {
                "name": "30497",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/30497"
              },
              {
                "name": "20061116 [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/451952/100/0/threaded"
              },
              {
                "name": "22972",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22972"
              },
              {
                "name": "30498",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/30498"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818"
              },
              {
                "name": "20070124 [CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/458040/100/200/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729"
            },
            {
              "name": "20061121 RE: [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/452286/100/0/threaded"
            },
            {
              "name": "21140",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21140"
            },
            {
              "name": "30497",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/30497"
            },
            {
              "name": "20061116 [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/451952/100/0/threaded"
            },
            {
              "name": "22972",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22972"
            },
            {
              "name": "30498",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/30498"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818"
            },
            {
              "name": "20070124 [CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/458040/100/200/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6952",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729",
                  "refsource": "CONFIRM",
                  "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729"
                },
                {
                  "name": "20061121 RE: [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/452286/100/0/threaded"
                },
                {
                  "name": "21140",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21140"
                },
                {
                  "name": "30497",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/30497"
                },
                {
                  "name": "20061116 [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/451952/100/0/threaded"
                },
                {
                  "name": "22972",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/22972"
                },
                {
                  "name": "30498",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/30498"
                },
                {
                  "name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818",
                  "refsource": "CONFIRM",
                  "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818"
                },
                {
                  "name": "20070124 [CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/458040/100/200/threaded"
                },
                {
                  "name": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38",
                  "refsource": "MISC",
                  "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6952",
        "datePublished": "2007-01-24T23:00:00.000Z",
        "dateReserved": "2007-01-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:50:05.694Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-1036 (GCVE-0-2011-1036)

    Vulnerability from cvelistv5 – Published: 2011-02-25 17:00 – Updated: 2024-08-06 22:14
    VLAI
    Summary
    The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2011/0496 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/43490 third-party-advisoryx_refsource_SECUNIA
    http://www.zerodayinitiative.com/advisories/ZDI-11-093 x_refsource_MISC
    http://secunia.com/advisories/43377 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/46539 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/516649/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/8106 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/516687/100… mailing-listx_refsource_BUGTRAQ
    http://www.securitytracker.com/id?1025120 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://support.ca.com/irj/portal/anonymous/phpsu… x_refsource_CONFIRM
    Date Public
    2011-02-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:14:27.259Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2011-0496",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0496"
              },
              {
                "name": "43490",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43490"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-093"
              },
              {
                "name": "43377",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43377"
              },
              {
                "name": "46539",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/46539"
              },
              {
                "name": "20110223 ZDI-11-093: CA Internet Security Suite HIPS XML Security Database Parser Class Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/516649/100/0/threaded"
              },
              {
                "name": "8106",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/8106"
              },
              {
                "name": "20110225 CA20110223-01: Security Notice for CA Host-Based Intrusion Prevention System",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/516687/100/0/threaded"
              },
              {
                "name": "1025120",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1025120"
              },
              {
                "name": "ca-products-activex-file-overwrite(65632)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65632"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4%7D"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-02-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-09T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2011-0496",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0496"
            },
            {
              "name": "43490",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43490"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-093"
            },
            {
              "name": "43377",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43377"
            },
            {
              "name": "46539",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/46539"
            },
            {
              "name": "20110223 ZDI-11-093: CA Internet Security Suite HIPS XML Security Database Parser Class Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/516649/100/0/threaded"
            },
            {
              "name": "8106",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/8106"
            },
            {
              "name": "20110225 CA20110223-01: Security Notice for CA Host-Based Intrusion Prevention System",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/516687/100/0/threaded"
            },
            {
              "name": "1025120",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1025120"
            },
            {
              "name": "ca-products-activex-file-overwrite(65632)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65632"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4%7D"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-1036",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2011-0496",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0496"
                },
                {
                  "name": "43490",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43490"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-11-093",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-093"
                },
                {
                  "name": "43377",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43377"
                },
                {
                  "name": "46539",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/46539"
                },
                {
                  "name": "20110223 ZDI-11-093: CA Internet Security Suite HIPS XML Security Database Parser Class Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/516649/100/0/threaded"
                },
                {
                  "name": "8106",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/8106"
                },
                {
                  "name": "20110225 CA20110223-01: Security Notice for CA Host-Based Intrusion Prevention System",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/516687/100/0/threaded"
                },
                {
                  "name": "1025120",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1025120"
                },
                {
                  "name": "ca-products-activex-file-overwrite(65632)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65632"
                },
                {
                  "name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}",
                  "refsource": "CONFIRM",
                  "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-1036",
        "datePublished": "2011-02-25T17:00:00.000Z",
        "dateReserved": "2011-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:14:27.259Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-2740 (GCVE-0-2009-2740)

    Vulnerability from cvelistv5 – Published: 2009-08-19 17:00 – Updated: 2024-08-07 05:59
    VLAI
    Summary
    kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention System (HIPS) 8.1 allows remote attackers to cause a denial of service (system crash) via a malformed packet.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2009-08-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:59:57.207Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20090818 CA20090818-01: Security Notice for CA Host-Based Intrusion Prevention System",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/505881/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214665"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-08-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention System (HIPS) 8.1 allows remote attackers to cause a denial of service (system crash) via a malformed packet."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20090818 CA20090818-01: Security Notice for CA Host-Based Intrusion Prevention System",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/505881/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214665"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-2740",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention System (HIPS) 8.1 allows remote attackers to cause a denial of service (system crash) via a malformed packet."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20090818 CA20090818-01: Security Notice for CA Host-Based Intrusion Prevention System",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/505881/100/0/threaded"
                },
                {
                  "name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214665",
                  "refsource": "CONFIRM",
                  "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214665"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-2740",
        "datePublished": "2009-08-19T17:00:00.000Z",
        "dateReserved": "2009-08-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:59:57.207Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6952 (GCVE-0-2006-6952)

    Vulnerability from cvelistv5 – Published: 2007-01-24 23:00 – Updated: 2024-08-07 20:50
    VLAI
    Summary
    Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www3.ca.com/securityadvisor/newsinfo/colla… x_refsource_CONFIRM
    http://www.securityfocus.com/archive/1/452286/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/21140 vdb-entryx_refsource_BID
    http://www.osvdb.org/30497 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/archive/1/451952/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/22972 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/30498 vdb-entryx_refsource_OSVDB
    http://www3.ca.com/securityadvisor/vulninfo/vuln.… x_refsource_CONFIRM
    http://www.securityfocus.com/archive/1/458040/100… mailing-listx_refsource_BUGTRAQ
    http://www.reversemode.com/index.php?option=com_r… x_refsource_MISC
    Date Public
    2006-11-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:50:05.694Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729"
              },
              {
                "name": "20061121 RE: [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/452286/100/0/threaded"
              },
              {
                "name": "21140",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21140"
              },
              {
                "name": "30497",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/30497"
              },
              {
                "name": "20061116 [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/451952/100/0/threaded"
              },
              {
                "name": "22972",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22972"
              },
              {
                "name": "30498",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/30498"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818"
              },
              {
                "name": "20070124 [CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/458040/100/200/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729"
            },
            {
              "name": "20061121 RE: [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/452286/100/0/threaded"
            },
            {
              "name": "21140",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21140"
            },
            {
              "name": "30497",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/30497"
            },
            {
              "name": "20061116 [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/451952/100/0/threaded"
            },
            {
              "name": "22972",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22972"
            },
            {
              "name": "30498",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/30498"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818"
            },
            {
              "name": "20070124 [CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/458040/100/200/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6952",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729",
                  "refsource": "CONFIRM",
                  "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729"
                },
                {
                  "name": "20061121 RE: [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/452286/100/0/threaded"
                },
                {
                  "name": "21140",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21140"
                },
                {
                  "name": "30497",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/30497"
                },
                {
                  "name": "20061116 [Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/451952/100/0/threaded"
                },
                {
                  "name": "22972",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/22972"
                },
                {
                  "name": "30498",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/30498"
                },
                {
                  "name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818",
                  "refsource": "CONFIRM",
                  "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818"
                },
                {
                  "name": "20070124 [CAID 34818]: CA Personal Firewall Multiple Privilege Escalation Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/458040/100/200/threaded"
                },
                {
                  "name": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38",
                  "refsource": "MISC",
                  "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6952",
        "datePublished": "2007-01-24T23:00:00.000Z",
        "dateReserved": "2007-01-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:50:05.694Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }