Unrated severityNVD Advisory· Published Dec 31, 2005· Updated Apr 16, 2026

CVE-2005-3653

Description

Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field.

Affected products

Broadcom Corporation/Brightstor Arcserve Backup3 versions
cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
Broadcom Corporation/Brightstor Arcserve Backup Laptops Desktops2 versions
cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*
Broadcom Corporation/Brightstor Portal
cpe:2.3:a:broadcom:brightstor_portal:11.1:*:*:*:*:*:*:*
Broadcom Corporation/Brightstor Process Automation Manager
cpe:2.3:a:broadcom:brightstor_process_automation_manager:11.1:*:*:*:*:*:*:*
Broadcom Corporation/Brightstor San Manager2 versions
cpe:2.3:a:broadcom:brightstor_san_manager:11.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:broadcom:brightstor_san_manager:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_san_manager:11.5:*:*:*:*:*:*:*
Broadcom Corporation/Brightstor Storage Resource Manager4 versions
cpe:2.3:a:broadcom:brightstor_storage_resource_manager:11.1:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:broadcom:brightstor_storage_resource_manager:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_storage_resource_manager:11.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_storage_resource_manager:6.3:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_storage_resource_manager:6.4:*:*:*:*:*:*:*
Broadcom Corporation/Etrust Admin
cpe:2.3:a:broadcom:etrust_admin:8.1:*:*:*:*:*:*:*
Broadcom Corporation/Etrust Audit Aries
cpe:2.3:a:broadcom:etrust_audit_aries:8.0:*:*:*:*:*:*:*
Broadcom Corporation/Etrust Audit Irecorder3 versions
cpe:2.3:a:broadcom:etrust_audit_irecorder:1.5:sp2:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:broadcom:etrust_audit_irecorder:1.5:sp2:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_audit_irecorder:1.5:sp3:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_audit_irecorder:8.0:*:*:*:*:*:*:*
Broadcom Corporation/Etrust Identity Minder
cpe:2.3:a:broadcom:etrust_identity_minder:8.0:*:*:*:*:*:*:*
Broadcom Corporation/Etrust Integrated Threat Management
cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.0:*:*:*:*:*:*:*
Broadcom Corporation/Itechnology Igateway
cpe:2.3:a:broadcom:itechnology_igateway:*:*:*:*:*:*:*:*
Range: <=4.0.050615
Broadcom Corporation/Unicenter Asset Portfolio Management
cpe:2.3:a:broadcom:unicenter_asset_portfolio_management:11.0:*:*:*:*:*:*:*
Broadcom Corporation/Unicenter Autosys Jm
cpe:2.3:a:broadcom:unicenter_autosys_jm:11.0:*:*:*:*:*:*:*
Broadcom Corporation/Unicenter Service Delivery
cpe:2.3:a:broadcom:unicenter_service_delivery:11.0:*:*:*:*:*:*:*
Broadcom Corporation/Unicenter Service Desk
cpe:2.3:a:broadcom:unicenter_service_desk:11.0:*:*:*:*:*:*:*
Broadcom Corporation/Unicenter Service Desk Knowledge Tools
cpe:2.3:a:broadcom:unicenter_service_desk_knowledge_tools:11.0:*:*:*:*:*:*:*
Broadcom Corporation/Unicenter Service Fulfillment
cpe:2.3:a:broadcom:unicenter_service_fulfillment:2.2:*:*:*:*:*:*:*
Broadcom Corporation/Unicenter Service Metric Analysis
cpe:2.3:a:broadcom:unicenter_service_metric_analysis:11.0:*:*:*:*:*:*:*
Ca/Brightstor Arcserve Backup
cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*
Ca/Brightstor Enterprise Backup4 versions
cpe:2.3:a:ca:brightstor_enterprise_backup:10.0:*:solaris:*:*:*:*:*+ 3 more
- cpe:2.3:a:ca:brightstor_enterprise_backup:10.0:*:solaris:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:solaris:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:tru64:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:windows_64-bit:*:*:*:*:*
Ca/Etrust Audit Aries2 versions
cpe:2.3:a:ca:etrust_audit_aries:1.5:sp2:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ca:etrust_audit_aries:1.5:sp2:*:*:*:*:*:*
- cpe:2.3:a:ca:etrust_audit_aries:1.5:sp3:*:*:*:*:*:*
Ca/Etrust Directory
cpe:2.3:a:ca:etrust_directory:8.1_web_components:*:*:*:*:*:*:*
Ca/Etrust Secure Content Manager
cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*
Ca/Unicenter Application Performance Monitor
cpe:2.3:a:ca:unicenter_application_performance_monitor:11.0:*:*:*:*:*:*:*
Ca/Unicenter Application Server Managment
cpe:2.3:a:ca:unicenter_application_server_managment:11.0:*:*:*:*:*:*:*
Ca/Unicenter Ca Web Services Distributed Management
cpe:2.3:a:ca:unicenter_ca_web_services_distributed_management:11.0:*:*:*:*:*:*:*
Ca/Unicenter Exchange Management Console
cpe:2.3:a:ca:unicenter_exchange_management_console:11.0:*:*:*:*:*:*:*
Ca/Unicenter Management3 versions
cpe:2.3:a:ca:unicenter_management:11.0:*:weblogic:*:*:*:*:*+ 2 more
- cpe:2.3:a:ca:unicenter_management:11.0:*:weblogic:*:*:*:*:*
- cpe:2.3:a:ca:unicenter_management:11.0:*:websphere:*:*:*:*:*
- cpe:2.3:a:ca:unicenter_management:3.5:*:websphere_mq:*:*:*:*:*
Ca/Unicenter Service Catalog Fulfillment Accounting
cpe:2.3:a:ca:unicenter_service_catalog_fulfillment_accounting:11.0:*:*:*:*:*:*:*
Ca/Unicenter Service Fulfillment
cpe:2.3:a:ca:unicenter_service_fulfillment:11.0:*:*:*:*:*:*:*
Ca/Unicenter Service Level Management
cpe:2.3:a:ca:unicenter_service_level_management:11.0:*:*:*:*:*:*:*
Ca/Unicenter Web Server Management
cpe:2.3:a:ca:unicenter_web_server_management:11.0:*:*:*:*:*:*:*
Ca/Unicenter Web Services Distributed Management
cpe:2.3:a:ca:unicenter_web_services_distributed_management:11.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/18591nvdPatchVendor Advisory
securitytracker.com/idnvdPatch
supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.aspnvdPatchVendor Advisory
www.idefense.com/intelligence/vulnerabilities/display.phpnvdPatchVendor Advisory
www.osvdb.org/22688nvdPatch
www.securityfocus.com/bid/16354nvdPatch
www.vupen.com/english/advisories/2006/0311nvdVendor Advisory
marc.infonvd
securityreason.com/securityalert/380nvd
www.securityfocus.com/archive/1/423288/100/0/threadednvd
www.securityfocus.com/archive/1/423403/100/0/threadednvd
www3.ca.com/securityadvisor/vulninfo/vuln.aspxnvd
exchange.xforce.ibmcloud.com/vulnerabilities/24269nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.024
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000