Vulnerabilities > CVE-2011-0758 - Numeric Errors vulnerability in CA Etrust Secure Content Manager and Gateway Security
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted request to port 1882, involving an incorrect integer calculation and a heap-based buffer overflow.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Common Weakness Enumeration (CWE)
References
- http://secunia.com/advisories/43200
- http://www.securityfocus.com/bid/46253
- http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ca
- http://www.vupen.com/english/advisories/2011/0306
- http://www.zerodayinitiative.com/advisories/ZDI-11-059
- http://www.securitytracker.com/id?1025052
- http://osvdb.org/70840
- http://securityreason.com/securityalert/8075
- http://www.securityfocus.com/archive/1/516277/100/0/threaded
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7BEE6F16E1-6E05-4890-A739-2B9F745C721F%7D