NVD

Id
8549  
Name
CVE-2011-1654  
Description
Directory traversal vulnerability in the Heartbeat Web Service in CA.Itm.Server.ManagementWS.dll in the Management Server in CA Total Defense (TD) r12 before SE2 allows remote attackers to execute arbitrary code via directory traversal sequences in the GUID parameter in an upload request to FileUploadHandler.ashx.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2011-04-18  
Modified Date
2011-04-20  
Seq
2011-1654  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
49192 8549 CVE-2011-1654 1025353  View
49193 8549 CVE-2011-1654 20110413 ZDI-11-126: CA Total Defense Suite Heartbeat Web Service Remote Code Execution Vulnerability  View
49194 8549 CVE-2011-1654 20110413 CA20110413-01: Security Notice for CA Total Defense  View
49195 8549 CVE-2011-1654 47357  View
49196 8549 CVE-2011-1654 ADV-2011-0977  View
49197 8549 CVE-2011-1654 http://www.zerodayinitiative.com/advisories/ZDI-11-126/  View
49198 8549 CVE-2011-1654 totaldefense-fileuploadhandler-file-upload(66726)  View
49199 8549 CVE-2011-1654 https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={CD065CEC-AFE2-4D9D-8E0B-BE7F6E345866}  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
34220 JVNDB-2011-004462 CA Total Defense の Management Server の Heartbeat Web Service におけるディレクトリトラバーサルの脆弱性 CA Total Defense の Management Server の CA.Itm.Server.ManagementWS.dl の Heartbeat Web Service には、ディレクトリトラバーサルの脆弱性が存在します。 CVE-2011-1654 49561 CVE-2011-1654 8549 7.5 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-004462.html 2011-04-13 2012-03-27 View