Directory Traversal Vulnerability in CA Total Defense by CA Technologies
CVE-2011-1654

Currently unrated

Key Information:

Vendor: Broadcom
Status: Total Defense
Vendor: CVE Published:; 18 April 2011

What is CVE-2011-1654?

A directory traversal vulnerability exists in the Heartbeat Web Service component of CA Total Defense, specifically affecting the Management Server through the CA.Itm.Server.ManagementWS.dll. This flaw allows remote attackers to manipulate the GUID parameter in an upload request to FileUploadHandler.ashx, potentially enabling malicious executions of arbitrary code on the affected server. Security measures and updates should be a priority for users to mitigate risks associated with this vulnerability.

References

http://secunia.com/advisories/44097

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/66726

vdb-entryx_refsource_XF

http://www.vupen.com/english/advisories/2011/0977

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Apr 18, 2011
Vulnerability Reserved
Apr 6, 2011

Broadcom

What is CVE-2011-1654?

References

Timeline