CVE-2008-2511 (Internet Security Suite Plus 2008)

CVE-2008-2511 (Internet Security Suite Plus 2008)
BugsAlert Home > CVE-2008-2511 (Internet Security Suite Plus 2008)




Directory traversal vulnerability in the UmxEventCli.CachedAuditDataList.1 (aka UmxEventCliLib) ActiveX control in UmxEventCli.dll in CA Internet Security Suite 2008 allows remote attackers to create and overwrite arbitrary files via a . (dot dot) in the argument to the SaveToFile method. NOTE: this can be leveraged for code execution by writing to a Startup folder. NOTE: some of these details are obtained from third party information. Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2511 Learn more about CVE-2008-2511 (Internet Security Suite Plus 2008)


Tags: cve-2008-2511 internet security suite 2008

Related Items
FrSIRT - Turbolinux Security Update Fixes Firefox Code Execution Vulnerabilities
FrSIRT - Cisco Unified Presence Remote Denial of Service Vulnerabilities
Bugtraq: [USN-634-1] OpenLDAP vulnerability
CVE-2007-6340 (LSrunasE, Supercrypt)
CVE-2008-3169 (Empire Server)
Microsoft Security Advisory (916208): Adobe Security Bulletin: APSB06-03 Flash Player Update to Address Security Vulnerabilities - 5/11/2006
Brief: VMWare opens hypervisor to security apps