Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2005-3653

Опубликовано: 31 дек. 2005
Источник: nvd
CVSS2: 10
EPSS Средний

Описание

Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:brightstor_portal:11.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:brightstor_process_automation_manager:11.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:brightstor_san_manager:11.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:brightstor_san_manager:11.5:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:brightstor_storage_resource_manager:6.3:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:brightstor_storage_resource_manager:6.4:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:brightstor_storage_resource_manager:11.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:brightstor_storage_resource_manager:11.5:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_admin:8.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_audit_aries:8.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_audit_irecorder:1.5:sp2:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_audit_irecorder:1.5:sp3:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_audit_irecorder:8.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_identity_minder:8.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:itechnology_igateway:*:*:*:*:*:*:*:*
Версия до 4.0.050615 (включая)
cpe:2.3:a:broadcom:unicenter_asset_portfolio_management:11.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_autosys_jm:11.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_service_delivery:11.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_service_desk:11.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_service_desk_knowledge_tools:11.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_service_fulfillment:2.2:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_service_metric_analysis:11.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*
cpe:2.3:a:ca:brightstor_enterprise_backup:10.0:*:solaris:*:*:*:*:*
cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:solaris:*:*:*:*:*
cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:tru64:*:*:*:*:*
cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:windows_64-bit:*:*:*:*:*
cpe:2.3:a:ca:etrust_audit_aries:1.5:sp2:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_audit_aries:1.5:sp3:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_directory:8.1_web_components:*:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:unicenter_application_performance_monitor:11.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:unicenter_application_server_managment:11.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:unicenter_ca_web_services_distributed_management:11.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:unicenter_exchange_management_console:11.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:unicenter_management:3.5:*:websphere_mq:*:*:*:*:*
cpe:2.3:a:ca:unicenter_management:11.0:*:weblogic:*:*:*:*:*
cpe:2.3:a:ca:unicenter_management:11.0:*:websphere:*:*:*:*:*
cpe:2.3:a:ca:unicenter_service_catalog_fulfillment_accounting:11.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:unicenter_service_fulfillment:11.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:unicenter_service_level_management:11.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:unicenter_web_server_management:11.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:unicenter_web_services_distributed_management:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 97%
0.30442
Средний

10 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

github логотип

GHSA-pqwm-v5fq-x4gm

github
почти 4 года назад

Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field.

EPSS

Процентиль: 97%
0.30442
Средний

10 Critical

CVSS2

Дефекты

CWE-119