cpe:/a:ca:xosoft_content_distribution:r12.0 cpe:/a:ca:xosoft_content_distribution:r12.5 cpe:/a:ca:xosoft_high_availability:r12.0 cpe:/a:ca:xosoft_high_availability:r12.5 cpe:/a:ca:xosoft_replication:r12.0 cpe:/a:ca:xosoft_replication:r12.5 CVE-2010-1223 2010-04-07T11:30:00.627-04:00 2010-04-08T00:00:00.000-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2010-04-08T12:10:00.000-04:00 BUGTRAQ 20100406 CA20100406-01: Security Notice for CA XOsoft BUGTRAQ 20100406 ZDI-10-065: CA XOsoft xosoapapi.asmx Multiple Remote Code Execution Vulnerabilities BUGTRAQ 20100406 ZDI-10-066: CA XOsoft Control Service entry_point.aspx Remote Code Execution Vulnerability BID 39238 MISC http://www.zerodayinitiative.com/advisories/ZDI-10-065/ MISC http://www.zerodayinitiative.com/advisories/ZDI-10-066/ CONFIRM https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=232869 Multiple buffer overflows in CA XOsoft r12.0 and r12.5 allow remote attackers to execute arbitrary code via (1) a malformed request to the ws_man/xosoapapi.asmx SOAP endpoint or (2) a long string to the entry_point.aspx service.