Vulnerabilities (CVE)

Filtered by vendor Ca Subscribe
Filtered by product Internet Security Suite 2010
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-1036 1 Ca 3 Host-based Intrusion Prevention System, Internet Security Suite 2010, Internet Security Suite 2011 2024-11-21 8.8 HIGH N/A
The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods.
CVE-2010-5156 2 Ca, Microsoft 2 Internet Security Suite 2010, Windows Xp 2024-11-21 6.2 MEDIUM N/A
** DISPUTED ** Race condition in CA Internet Security Suite Plus 2010 6.0.0.272 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute.