2016-07-26 | CVE-2016-6151 | Command Injection vulnerability in CA Ehealth 6.2/6.2.1/6.2.2 CA eHealth 6.2.x allows remote authenticated users to cause a denial of service or possibly execute arbitrary commands via unspecified vectors. network low complexity ca critical | 9.0 |
2016-07-26 | CVE-2016-6152 | CA eHealth 6.2.x and 6.3.x before 6.3.2.13 allows remote authenticated users to cause a denial of service or possibly execute arbitrary commands via unspecified vectors. | 9.0 |
2012-12-10 | CVE-2012-5973 | Code Injection vulnerability in CA Xcom Data Transport R11.0/R11.5 CA XCOM Data Transport r11.0 and r11.5 on UNIX and Linux allows remote attackers to execute arbitrary commands via a crafted request. network low complexity ca CWE-94 critical | 10.0 |
2010-06-10 | CVE-2010-2193 | Improper Input Validation vulnerability in CA Psformx Active X Control and Webscan Active X Control Multiple unspecified vulnerabilities in the CA (1) PSFormX and (2) WebScan ActiveX controls, as distributed on the CA Global Advisor web site until May 2009, allow remote attackers to execute arbitrary code via unknown vectors. network low complexity ca CWE-20 critical | 10.0 |
2010-04-07 | CVE-2010-1223 | Buffer Errors vulnerability in CA products Multiple buffer overflows in CA XOsoft r12.0 and r12.5 allow remote attackers to execute arbitrary code via (1) a malformed request to the ws_man/xosoapapi.asmx SOAP endpoint or (2) a long string to the entry_point.aspx service. | 10.0 |
2009-12-08 | CVE-2009-4225 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in CA Etrust Pestpatrole Ppctl.Dll Activex 5.6.7.9 Stack-based buffer overflow in the PestPatrol ActiveX control (ppctl.dll) 5.6.7.9 in CA eTrust PestPatrol allows remote attackers to execute arbitrary code via a long argument to the Initialize method. | 9.3 |
2009-10-13 | CVE-2009-3587 | Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588. | 9.3 |
2009-08-10 | CVE-2009-2026 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in CA products Stack-based buffer overflow in a token searching function in the dtscore library in Data Transport Services in CA Software Delivery r11.2 C1, C2, C3, and SP4; Unicenter Software Delivery 4.0 C3; CA Advantage Data Transport 3.0 C1; and CA IT Client Manager r12 allows remote attackers to execute arbitrary code via crafted data. | 10.0 |
2009-01-28 | CVE-2009-0042 | Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file. | 10.0 |
2009-01-08 | CVE-2009-0043 | Permissions, Privileges, and Access Controls vulnerability in CA Service Level Management and Service Metric Analysis The smmsnmpd service in CA Service Metric Analysis r11.0 through r11.1 SP1 and Service Level Management 3.5 does not properly restrict access, which allows remote attackers to execute arbitrary commands via unspecified vectors. | 10.0 |