Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:02
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=full-disclosure&m=113803349715927&w=2 - | |
References | () http://secunia.com/advisories/18591 - Patch, Vendor Advisory | |
References | () http://securityreason.com/securityalert/380 - | |
References | () http://securitytracker.com/id?1015526 - Patch | |
References | () http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp - Patch, Vendor Advisory | |
References | () http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376 - Patch, Vendor Advisory | |
References | () http://www.osvdb.org/22688 - Patch | |
References | () http://www.securityfocus.com/archive/1/423288/100/0/threaded - | |
References | () http://www.securityfocus.com/archive/1/423403/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/16354 - Patch | |
References | () http://www.vupen.com/english/advisories/2006/0311 - Vendor Advisory | |
References | () http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/24269 - |
Information
Published : 2005-12-31 05:00
Updated : 2024-11-21 00:02
NVD link : CVE-2005-3653
Mitre link : CVE-2005-3653
CVE.ORG link : CVE-2005-3653
JSON object : View
Products Affected
broadcom
- unicenter_service_desk_knowledge_tools
- etrust_integrated_threat_management
- unicenter_service_fulfillment
- etrust_audit_aries
- unicenter_asset_portfolio_management
- brightstor_process_automation_manager
- etrust_audit_irecorder
- unicenter_autosys_jm
- brightstor_arcserve_backup_laptops_desktops
- etrust_identity_minder
- etrust_admin
- brightstor_storage_resource_manager
- brightstor_portal
- unicenter_service_metric_analysis
- unicenter_service_delivery
- brightstor_san_manager
- itechnology_igateway
- brightstor_arcserve_backup
- unicenter_service_desk
ca
- etrust_secure_content_manager
- unicenter_management
- unicenter_service_catalog_fulfillment_accounting
- unicenter_application_performance_monitor
- unicenter_exchange_management_console
- unicenter_service_fulfillment
- etrust_audit_aries
- unicenter_application_server_managment
- unicenter_web_server_management
- unicenter_service_level_management
- brightstor_enterprise_backup
- unicenter_web_services_distributed_management
- brightstor_arcserve_backup
- etrust_directory
- unicenter_ca_web_services_distributed_management
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer