cbcvebase.
CVE-2011-2667
published 2011-07-28

CVE-2011-2667: Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Security 8.1 before 8.1.0.69 and CA Total Defense r12, does not properly parse URLs, which…

PriorityP353critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
16.20%
96.5th percentile
Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Security 8.1 before 8.1.0.69 and CA Total Defense r12, does not properly parse URLs, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and daemon crash) via a malformed request.

Affected

2 ranges
VendorProductVersion rangeFixed in
broadcomtotal_defense
cagateway_security
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.