ZDI-11-126: CA Total Defense Suite Heartbeat Web Service Remote Code Execution Vulnerability

Posted by ZDI Disclosures on Apr 13

ZDI-11-126: CA Total Defense Suite Heartbeat Web Service Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-11-126

April 13, 2011

— CVE ID:
CVE-2011-1654

— CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)

— Affected Vendors:
CA

— Affected Products:
CA Total Defense Suite

— TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine…

Source: ZDI-11-126: CA Total Defense Suite Heartbeat Web Service Remote Code Execution Vulnerability