CVE-2011-1654: Path Traversal
First published: Fri Apr 15 2011(Updated: )
Directory traversal vulnerability in the Heartbeat Web Service in CA.Itm.Server.ManagementWS.dll in the Management Server in CA Total Defense (TD) r12 before SE2 allows remote attackers to execute arbitrary code via directory traversal sequences in the GUID parameter in an upload request to FileUploadHandler.ashx.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Broadcom Total Defense | =r12 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.vupen.com/english/advisories/2011/0977
- http://www.zerodayinitiative.com/advisories/ZDI-11-126/
- http://secunia.com/advisories/44097
- http://securitytracker.com/id?1025353
- http://www.securityfocus.com/bid/47357
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66726
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={CD065CEC-AFE2-4D9D-8E0B-BE7F6E345866}
- http://www.securityfocus.com/archive/1/517494/100/0/threaded
- http://www.securityfocus.com/archive/1/517488/100/0/threaded
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7BCD065CEC-AFE2-4D9D-8E0B-BE7F6E345866%7D
- collector/nvd-historical
- collector/nvd-index
- collector/nvd-api
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/event
- agent/type
- agent/description
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/broadcom
- canonical/broadcom total defense
- version/broadcom total defense/r12