CA20110720-01: Security Notice for CA Gateway Security and Total Defense - CA Technologies
{{search ? 'Close':'Search'}}

CA20110720-01: Security Notice for CA Gateway Security and Total Defense

Issued: July 20, 2011

CA Technologies support is alerting customers to a security risk with CA Gateway Security. A vulnerability exists that can allow a remote attacker to execute arbitrary code. CA has issued an update that resolves the vulnerability.

The vulnerability, CVE-2011-2667, occurs due to insufficient bounds checking that can result in a memory overwrite on the heap. By sending a malformed request, an attacker can overwrite a sensitive portion of heap memory, which can potentially result in server compromise.

Risk Rating




Affected Products

CA Gateway Security 8.1
CA Total Defense r12

Non-Affected Products

CA Gateway Security 9.0

How to determine if the installation is affected

From the CA Gateway Security Management Console, select About to view version information. If the version displayed is less than, the installation is vulnerable.


Gateway Security r8.1:
Apply fix RO32642

Alternatively, update to Gateway Security 9.0 available from the CA support site.


CVE-2011-2667 - Gateway Security memory corruption


CVE-2011-2667 - Andrea Micalizzi via the TippingPoint ZDI

Change History

Version 1.0: Initial Release

If additional information is required, please contact CA Technologies Support at

If you discover a vulnerability in CA Technologies products, please report your findings to the CA Technologies Product Vulnerability Response Team.

Chat with CA

Just give us some brief information and we'll connect you to the right CA Expert.

Our hours of availability are 8AM - 5PM CST.

All Fields Required


We're matching your request.

Unfortunately, we can't connect you to an agent. If you are not automatically redirected please click here.

  • {{}} will be helping you today.

    View Profile

  • Transfered to {{}}

    {{}} joined the conversation

    {{}} left the conversation

  • Your chat with {{$storage.chatSession.messages[$index - 1]}} has ended.
    Thank you for your interest in CA.

    How Did We Do?
    Let us know how we did so that we can maintain a quality experience.

    Take Our Survey >

agent is typing