製品・ソフトウェアに関する情報

JVN脆弱性詳細

CA Internet Security Suite の UmxEventCli.dll におけるディレクトリトラバーサルの脆弱性

Title	CA Internet Security Suite の UmxEventCli.dll におけるディレクトリトラバーサルの脆弱性
Summary	CA Internet Security Suite の UmxEventCli.dll 内にある UmxEventCli.CachedAuditDataList.1 (UmxEventCliLib) ActiveX コントロールには、ディレクトリトラバーサルの脆弱性が存在します。
Possible impacts	第三者により、SaveToFile メソッドへの引数内にある ..(dot dot) を介して、任意のファイルを作成および上書きされる可能性があります。
Solution	ベンダ情報及び参考情報を参照して適切な対策を実施してください。
Publication Date	June 2, 2008, midnight
Registration Date	Dec. 24, 2010, 11:41 a.m.
Last Update	Dec. 24, 2010, 11:41 a.m.

Affected System

CA Technologies

CA Internet Security Suite 2008

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2008-2511	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2511
National Vulnerability Database (NVD)
2	CVE-2008-2511	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2511

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-22	https://jvndb.jvn.jp/ja/cwe/CWE-22.html

ベンダー情報

No	Name	URL
CA テクニカルサポート
1	Top Page	http://www.ca.com/jp/default.aspx

その他

No	Name	URL
ISS X-Force Database
1	42712	http://xforce.iss.net/xforce/xfdb/42712
Secunia Advisory
2	SA30420	http://secunia.com/advisories/30420
SecurityTracker
3	1020129	http://www.securitytracker.com/id?1020129
VUPEN Security
4	VUPEN/ADV-2008-1696	http://www.vupen.com/english/advisories/2008/1696

Change Log

No	Changed Details	Date of change
0	[2010年12月24日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2008-2511

Summary	Directory traversal vulnerability in the UmxEventCli.CachedAuditDataList.1 (aka UmxEventCliLib) ActiveX control in UmxEventCli.dll in CA Internet Security Suite 2008 allows remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the argument to the SaveToFile method. NOTE: this can be leveraged for code execution by writing to a Startup folder. NOTE: some of these details are obtained from third party information.
Summary	Una vulnerabilidad de salto de directorio en el control ActiveX UmxEventCli.CachedAuditDataList.1 (también se conoce como UmxEventCliLib) en biblioteca UmxEventCli.dll en CA Internet Security Suite 2008, permite a los atacantes remotos crear y sobrescribir archivos arbitrarios por medio de un .. (punto punto) en el argumento al método SaveToFile . NOTA: esto puede ser aprovechado para la ejecución del código mediante la escritura en una carpeta Startup. NOTA: algunos de estos detalles fueron obtenidos de información de terceros.
Publication Date	June 3, 2008, 6:30 a.m.
Registration Date	Jan. 29, 2021, 1:37 p.m.
Last Update	April 23, 2026, 9:35 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:ca:internet_security_suite_plus_2008::::::::

Related information, measures and tools

No	URL	refsource
1	http://retrogod.altervista.org/9sg_CA_poc.html	cve@mitre.org
2	http://secunia.com/advisories/30420	cve@mitre.org
3	http://www.securityfocus.com/archive/1/492679/100/0/threaded	cve@mitre.org
4	http://www.securitytracker.com/id?1020129	cve@mitre.org
5	http://www.vupen.com/english/advisories/2008/1696/references	cve@mitre.org
6	https://exchange.xforce.ibmcloud.com/vulnerabilities/42712	cve@mitre.org
7	https://www.exploit-db.com/exploits/5682	cve@mitre.org
8	http://retrogod.altervista.org/9sg_CA_poc.html	af854a3a-2127-422b-91ae-364da2661108
9	http://secunia.com/advisories/30420	af854a3a-2127-422b-91ae-364da2661108
10	http://www.securityfocus.com/archive/1/492679/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108
11	http://www.securitytracker.com/id?1020129	af854a3a-2127-422b-91ae-364da2661108
12	http://www.vupen.com/english/advisories/2008/1696/references	af854a3a-2127-422b-91ae-364da2661108
13	https://exchange.xforce.ibmcloud.com/vulnerabilities/42712	af854a3a-2127-422b-91ae-364da2661108
14	https://www.exploit-db.com/exploits/5682	af854a3a-2127-422b-91ae-364da2661108

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-22	パス・トラバーサル	https://cwe.mitre.org/data/definitions/22.html