CVE-2008-2511

NONECVSS 0.0

0.0

Directory traversal vulnerability in the UmxEventCli.CachedAuditDataList.1 (aka UmxEventCliLib) ActiveX control in UmxEventCli.dll in CA Internet Security Suite 2008 allows remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the argument to the SaveToFile method. NOTE: this can be leveraged for code execution by writing to a Startup folder. NOTE: some of these details are obtained from third party information.

🔗 References (14)

cve@mitrehttp://retrogod.altervista.org/9sg_CA_poc.html
cve@mitrehttp://secunia.com/advisories/30420
cve@mitrehttp://www.securityfocus.com/archive/1/492679/100/0/threaded
cve@mitrehttp://www.securitytracker.com/id?1020129
cve@mitrehttp://www.vupen.com/english/advisories/2008/1696/references
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/42712
cve@mitrehttps://www.exploit-db.com/exploits/5682
af854a3a-2127-422b-91ae-364da2661108http://retrogod.altervista.org/9sg_CA_poc.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30420
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/492679/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020129
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1696/references
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/42712
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/5682

Is Your Infrastructure Affected by CVE-2008-2511?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-2511

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-2511?