CVE-2011-2667

Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Security 8.1 before 8.1.0.69 and CA Total Defense r12, does not properly parse URLs, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and daemon crash) via a malformed request.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:broadcom:total_defense:r12:*:*:*:*:*:*:*
cpe:2.3:a:ca:gateway_security:8.1:*:*:*:*:*:*:*

History

07 Nov 2023, 02:07

Type Values Removed Values Added
References
  • {'url': 'https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={5E404992-6B58-4C44-A29D-027D05B6285D}', 'name': 'https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={5E404992-6B58-4C44-A29D-027D05B6285D}', 'tags': ['Broken Link'], 'refsource': 'CONFIRM'}
  • () https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B5E404992-6B58-4C44-A29D-027D05B6285D%7D -

Information

Published : 2011-07-28 22:55

Updated : 2024-02-28 11:41


NVD link : CVE-2011-2667

Mitre link : CVE-2011-2667

CVE.ORG link : CVE-2011-2667


JSON object : View

Products Affected

ca

  • gateway_security

broadcom

  • total_defense
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer