Unrated severityNVD Advisory· Published Apr 7, 2010· Updated Apr 29, 2026

CVE-2010-1223

Description

Multiple buffer overflows in CA XOsoft r12.0 and r12.5 allow remote attackers to execute arbitrary code via (1) a malformed request to the ws_man/xosoapapi.asmx SOAP endpoint or (2) a long string to the entry_point.aspx service.

Affected products

Ca/Xosoft Content Distribution2 versions
cpe:2.3:a:ca:xosoft_content_distribution:r12.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ca:xosoft_content_distribution:r12.0:*:*:*:*:*:*:*
- cpe:2.3:a:ca:xosoft_content_distribution:r12.5:*:*:*:*:*:*:*
Ca/Xosoft High Availability2 versions
cpe:2.3:a:ca:xosoft_high_availability:r12.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ca:xosoft_high_availability:r12.0:*:*:*:*:*:*:*
- cpe:2.3:a:ca:xosoft_high_availability:r12.5:*:*:*:*:*:*:*
Ca/Xosoft Replication2 versions
cpe:2.3:a:ca:xosoft_replication:r12.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ca:xosoft_replication:r12.0:*:*:*:*:*:*:*
- cpe:2.3:a:ca:xosoft_replication:r12.5:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.030
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000