Vulnerabilities > Broadcom
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-08-04 | CVE-2006-3976 | Unspecified vulnerability in Broadcom Etrust Antivirus Webscan 1.1.0.1045/1.1.0.1047 Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 allows remote attackers to install arbitrary files. | 9.3 |
| 2006-08-04 | CVE-2006-3975 | Unspecified vulnerability in Broadcom Etrust Antivirus Webscan Unspecified vulnerability in CA eTrust Antivirus WebScan allows remote attackers to execute arbitrary code due to "improper bounds checking when processing certain user input." | 7.5 |
| 2006-06-27 | CVE-2006-3223 | Unspecified vulnerability in Broadcom products Format string vulnerability in CA Integrated Threat Management (ITM), eTrust Antivirus (eAV), and eTrust PestPatrol (ePP) r8 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a scan job with format strings in the description field. | 7.5 |
| 2006-05-04 | CVE-2006-2201 | Unspecified vulnerability in Broadcom Resource Initialization Manager 1.0 Unspecified vulnerability in CA Resource Initialization Manager (CAIRIM) 1.x before 20060502, as used in z/OS Common Services and the LMP component in multiple products, allows attackers to violate integrity via a certain "problem state program" that uses SVC to gain access to supervisor state, key 0. | 4.3 |
| 2006-01-19 | CVE-2006-0307 | Resource Management Errors vulnerability in multiple products The DM Primer in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops & Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection Suite r2, and CA Business Protection Suite r2 allows remote attackers to cause a denial of service (CPU consumption and log file consumption) via unspecified "unrecognized network messages" that are not properly handled. | 5.0 |
| 2005-12-31 | CVE-2005-3653 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field. | 10.0 |
| 2005-12-10 | CVE-2005-4150 | Unspecified vulnerability in Broadcom Cleverpath Portal 4.7 Cross-site scripting (XSS) vulnerability in the portal login page in Computer Associates CleverPath 4.7 allows remote attackers to execute Javascript via unknown vectors. network broadcom | 4.3 |
| 2005-10-30 | CVE-2005-3372 | Unspecified vulnerability in Broadcom Etrust Antivirus 7.0.1.4 Multiple interpretation error in eTrust CA 7.0.1.4 with the 11.9.1 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | 5.1 |
| 2005-10-14 | CVE-2005-3225 | Unspecified vulnerability in Broadcom Etrust Antivirus and Etrust Antivirus Iris Engine Multiple interpretation error in unspecified versions of (1) eTrust-Iris and (2) eTrust-Vet Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | 5.1 |
| 2005-10-13 | CVE-2005-3190 | Unspecified vulnerability in Broadcom Igateway 3.0/4.0 Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests. | 7.5 |