HOMEVULNERABILITIESVENDORSComputer Associates

Computer AssociatesCVEs & Vulnerabilities

5 CVEs affecting Computer Associates products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

desktop management suite 8arcserve backup laptops and desktops 7unicenter software delivery 5desktop and server management 5unicenter asset management 5unicenter desktop management bundle 5unicenter remote control 5internet security suite 2
CVE-2008-3174MEDIUM

Unspecified vulnerability in the kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, allows remote attackers to cause a denial of service via unknown vectors, related to "insufficient validation."

13 Aug 2008
5.0
CVSS
CVE-2008-1786CRITICAL

The DSM gui_cm_ctrls ActiveX control (gui_cm_ctrls.ocx), as used in multiple CA products including BrightStor ARCServe Backup for Laptops and Desktops r11.5, Desktop Management Suite r11.1 through r11.2 C2; Unicenter r11.1 through r11.2 C2; and Desktop and Server Management r11.1 through r11.2 C2 allows remote attackers to execute arbitrary code via crafted function arguments.

16 Apr 2008
9.3
CVSS
CVE-2008-1328CRITICAL

Buffer overflow in the LGServer service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary code via unspecified "command arguments."

7 Apr 2008
9.3
CVSS
CVE-2008-1329CRITICAL

Unspecified vulnerability in the NetBackup service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary commands, related to "insufficient verification of file uploads."

7 Apr 2008
10.0
CVSS
CVE-2008-1472CRITICALpoc

Stack-based buffer overflow in the ListCtrl ActiveX Control (ListCtrl.ocx), as used in multiple CA products including BrightStor ARCserve Backup R11.5, Desktop Management Suite r11.1 through r11.2, and Unicenter products r11.1 through r11.2, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long argument to the AddColumn method.

25 Mar 2008
9.3
CVSS
← PrevPage 1 / 1Next →