Vulnerability Details : CVE-2011-2667
Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Security 8.1 before 8.1.0.69 and CA Total Defense r12, does not properly parse URLs, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and daemon crash) via a malformed request.
Vulnerability category: OverflowMemory CorruptionExecute codeDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2011-2667
Probability of exploitation activity in the next 30 days: 16.56%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 95 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2011-2667
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2011-2667
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-2667
-
http://securityreason.com/securityalert/8316
CA Gateway Security and Total Defense - CXSecurity.com
-
http://securitytracker.com/id?1025813
CA Total Defense URL Processing Flaw Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/68736
CA Total Defense and Gateway Security URL code execution CVE-2011-2667 Vulnerability Report
-
http://securitytracker.com/id?1025812
CA Gateway Security URL Processing Flaw Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
http://www.securityfocus.com/archive/1/518935/100/0/threaded
SecurityFocus
-
http://www.zerodayinitiative.com/advisories/ZDI-11-237/
ZDI-11-237 | Zero Day Initiative
-
http://www.securityfocus.com/bid/48813
Computer Associates Total Defense and Gateway Security Remote Code Execution Vulnerability
-
http://www.securityfocus.com/archive/1/518934/100/0/threaded
SecurityFocus
Products affected by CVE-2011-2667
- cpe:2.3:a:ca:gateway_security:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:total_defense:r12:*:*:*:*:*:*:*