CA Anti-Virus Engine RAR Heap Corruption and DoS Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 12 Oct 2009 4650 Views

RISK: Medium Risk

Medium Risk

Two vulnerabilities have been identified in various CA products, which could be exploited by attackers or malware to cause a denial of service or compromise a vulnerable system.

1. A heap corruption error in the Anti-Virus engine arclib component when processing malformed RAR archives, which could be exploited by attackers to cause a denial of service or execute arbitrary code.

2. A stack corruption in the Anti-Virus engine arclib component when processing malformed RAR archives, which could be exploited by attackers to cause a denial of service.

Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1

  • CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8

  • CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8.1

  • CA Anti-Virus 2007 (v8)

  • CA Anti-Virus 2008

  • CA Anti-Virus 2009

  • CA Anti-Virus Plus 2009

  • eTrust EZ Antivirus r7.1

  • CA Internet Security Suite 2007 (v3)

  • CA Internet Security Suite 2008

  • CA Internet Security Suite Plus 2008

  • CA Internet Security Suite Plus 2009

  • CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8

  • CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) 8.1

  • CA Threat Manager Total Defense

  • CA Gateway Security r8.1

  • CA Protection Suites r2

  • CA Protection Suites r3

  • CA Protection Suites r3.1

  • CA Secure Content Manager (formerly eTrust Secure Content Manager) 1.1

  • CA Secure Content Manager (formerly eTrust Secure Content Manager) 8.0

  • CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.0

  • CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.1

  • CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11

  • CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11.1

  • CA ARCserve Backup r11.5 on Windows

  • CA ARCserve Backup r12 on Windows

  • CA ARCserve Backup r12.0 SP1 on Windows

  • CA ARCserve Backup r12.0 SP 2 on Windows

  • CA ARCserve Backup r12.5 on Windows

  • CA ARCserve Backup r11.1 Linux

  • CA ARCserve Backup r11.5 Linux

  • CA ARCserve for Windows Client Agent

  • CA ARCserve for Windows Server component

  • CA eTrust Intrusion Detection 2.0 SP1

  • CA eTrust Intrusion Detection 3.0

  • CA eTrust Intrusion Detection 3.0 SP1

  • CA Common Services (CCS) r3.1

  • CA Common Services (CCS) r11

  • CA Common Services (CCS) r11.1

  • CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)

  • CA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Apply patches :
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878

Vulnerability Identifier

Source

Related Link

Share with

Previous

IBM Informix Client and Connect ".nfx" File Buffer Overflow Vulnerability

6 Oct 2009 4615 Views

Next

Adobe Reader and Acrobat Multiple Code Execution Vulnerability

12 Oct 2009 4490 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY