CVE-2011-1036

Name of the Vulnerable Software and Affected Versions CA Host-Based Intrusion Prevention System (HIPS) versions prior to 8.1.0.88 CA Internet Security Suite (ISS) 2010 versions prior to 1.6.450

Description The issue allows remote attackers to download and execute an arbitrary program onto a client machine. This is achieved through vectors involving the SetXml and Save methods of the XML Security Database Parser class in the HIPSEngine component.

Recommendations For CA Host-Based Intrusion Prevention System (HIPS) versions prior to 8.1.0.88, update to version 8.1.0.88 or later. For CA Internet Security Suite (ISS) 2010 versions prior to 1.6.450, update to version 1.6.450 or later.