Unrated severityNVD Advisory· Published Jan 7, 2011· Updated Apr 29, 2026

CVE-2010-3984

Description

Buffer overflow in mng_core_com.dll in CA XOsoft Replication r12.0 SP1 and r12.5 SP2 rollup, CA XOsoft High Availability r12.0 SP1 and r12.5 SP2 rollup, CA XOsoft Content Distribution r12.0 SP1 and r12.5 SP2 rollup, and CA ARCserve Replication and High Availability (RHA) r15.0 SP1 allows remote attackers to execute arbitrary code via a crafted create_session_bab operation in a SOAP request to xosoapapi.asmx.

Affected products

Ca/Arcserve Replication And High Availability
cpe:2.3:a:ca:arcserve_replication_and_high_availability:r15.0:sp1:*:*:*:*:*:*
Ca/Xosoft Content Distribution2 versions
cpe:2.3:a:ca:xosoft_content_distribution:r12.0:sp1:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ca:xosoft_content_distribution:r12.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:ca:xosoft_content_distribution:r12.5:sp2:*:*:*:*:*:*
Ca/Xosoft High Availability2 versions
cpe:2.3:a:ca:xosoft_high_availability:r12.0:sp1:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ca:xosoft_high_availability:r12.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:ca:xosoft_high_availability:r12.5:sp2:*:*:*:*:*:*
Ca/Xosoft Replication2 versions
cpe:2.3:a:ca:xosoft_replication:r12.0:sp1:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ca:xosoft_replication:r12.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:ca:xosoft_replication:r12.5:sp2:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/42561nvdVendor Advisory
support.ca.com/irj/portal/anonymous/phpsupcontentnvdVendor Advisory
www.securityfocus.com/archive/1/515115/100/0/threadednvd
www.securityfocus.com/bid/45317nvd
www.securitytracker.com/idnvd
www.zerodayinitiative.com/advisories/ZDI-10-263/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.006
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000