CA20110208-01: Security Advisory for CA Secure Content Manager, Gateway Security

Issued: February 08, 2011
Last Updated: July 25, 2011

CA Technologies support is alerting customers to a security risk with CA Secure Content Manager. A vulnerability exists that can allow a remote attacker to execute arbitrary code.

The vulnerability, CVE-2011-0758, is due to insufficient bounds checking by the eCS component included with Secure Content Manager and Gateway Security. A remote attacker can make a request that will cause a heap overflow, which could possibly result in privileged code execution.

Patches are currently not available. CA support is working towards a resolution. Monitor this notice and the CA Secure Content Manager / Gateway Security product homepage for updates.

Risk Rating




Affected Products

CA Secure Content Manager 8.0
CA Gateway Security 8.1
CA Gateway Security 9.0


CVE-2011-0758 - Secure Content Manager eCS heap overflow


CVE-2011-0758 - Sebastian Apelt through the TippingPoint ZDI

Change History

Version 1.0: Initial Release
Version 1.1: Added Ca Gateway Security 9.0 to the Affected Products list

If additional information is required, please contact CA Technologies Support at

If you discover a vulnerability in CA Technologies products, please report your findings to the CA Technologies Product Vulnerability Response Team

Chat with CA

Just give us some brief information and we'll connect you to the right CA ExpertCA sales representative.

Our hours of availability are 8AM - 5PM CST.

All Fields Required


We're matching your request.

Unfortunately, we can't connect you to an agent. If you are not automatically redirected please click here.

  • {{}} will be helping you today.

    View Profile

  • Transfered to {{}}

    {{}} joined the conversation

    {{}} left the conversation

  • Your chat with {{$storage.chatSession.messages[$index - 1]}} has ended.
    Thank you for your interest in CA.

    Rate Your Chat Experience.


agent is typing