CVE-2011-1654

Currently unrated

Key Information:

Vendor: Broadcom
Status: Total Defense
Vendor: CVE Published:; 18 April 2011

Summary

Directory traversal vulnerability in the Heartbeat Web Service in CA.Itm.Server.ManagementWS.dll in the Management Server in CA Total Defense (TD) r12 before SE2 allows remote attackers to execute arbitrary code via directory traversal sequences in the GUID parameter in an upload request to FileUploadHandler.ashx.

References

http://secunia.com/advisories/44097

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/66726

vdb-entryx_refsource_XF

http://www.vupen.com/english/advisories/2011/0977

vdb-entryx_refsource_VUPEN

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 18, 2011
Vulnerability Reserved
Apr 6, 2011