Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2011-1036

EPSS 5.06% · P90
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2011-1036

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
CA Host-Based Intrusion Prevention System XMLSecDB ActiveX控件任意程序下载和执行漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
CA Internet Security Suite是为家庭用户提供的综合网络安全解决方案。 用于CA Internet Security Suite(ISS)2010的CA Host-Based Intrusion Prevention System(HIPS)8.1版本中的Management Server 8.1.0.88之前版本,客户端1.6.450之前版本的HIPSEngine组件的XMLSecDB ActiveX控件中的XML Security Database Parser类中存在漏洞。远程
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2011-1036

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2011-1036

登录查看更多情报信息。

Same Patch Batch · n/a · 2011-02-25 · 37 CVEs total

CVE-2011-0388Cisco TelePresence Recording Server和Multipoint Switch拒绝服务漏洞
CVE-2011-0380Cisco TelePresence Manager认证绕过和任意方法调用漏洞
CVE-2011-0381Cisco TelePresence Manager操作系统命令注入漏洞
CVE-2011-0382Cisco TelePresence Recording Server CGI子系统操作系统命令注入漏洞
CVE-2011-0383Cisco TelePresence Recording Server和Multipoint Switch任意代码执行漏洞
CVE-2011-0384Cisco TelePresence Multipoint Switch Java Servlet框架任意代码执行漏洞
CVE-2011-0385Cisco TelePresence Recording Server和Multipoint Switch管理web界面任意代码执行漏洞
CVE-2011-0386Cisco TelePresence Recording Server XML-RPC实现任意代码执行漏洞
CVE-2011-0387Cisco TelePresence Multipoint Switch管理web界面权限许可和访问控制漏洞
CVE-2011-0379Cisco TelePresence多个产品缓冲区溢出漏洞
CVE-2011-0389Cisco TelePresence Multipoint Switch资源管理错误漏洞
CVE-2011-0390Cisco TelePresence Multipoint Switch XML-RPC实现资源管理错误漏洞
CVE-2011-0391Cisco TelePresence Recording Server资源管理错误漏洞
CVE-2011-0392Cisco TelePresence Recording Server授权问题漏洞
CVE-2011-0393Cisco ASA 5500系列自适应安全设备资源管理错误漏洞
CVE-2011-0394Cisco ASA 5500和FWSM SCCP监测远程拒绝服务漏洞
CVE-2011-0395Cisco ASA 5500系列自适应安全设备RIP拒绝服务漏洞
CVE-2011-0396Cisco ASA 5500系列自适应安全设备任意文件读取漏洞
CVE-2011-0926Cisco Secure Desktop CSDWebInstaller.ocx ActiveX控件任意代码执行漏洞
CVE-2011-0332Foxit Reader和Phantom ICC块整数溢出漏洞

Showing top 20 of 37 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2011-1036

No comments yet

Leave a comment