Skip to main content

Special Announcement

  • 25 Jun 2024

    Announcement for Change of Chinese Name

    Please note that the Chinese name of HKCERT is changed from 「香港電腦保安事故協調中心」 to 「香港網絡安全事故協調中心」 with immediate effect.

    The English name, abbreviation, web address and email address remained unchanged.

CA Anti-Virus Engine RAR Heap Corruption and DoS Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 12 Oct 2009 4836 Views

RISK: Medium Risk

Two vulnerabilities have been identified in various CA products, which could be exploited by attackers or malware to cause a denial of service or compromise a vulnerable system.

1. A heap corruption error in the Anti-Virus engine arclib component when processing malformed RAR archives, which could be exploited by attackers to cause a denial of service or execute arbitrary code.

2. A stack corruption in the Anti-Virus engine arclib component when processing malformed RAR archives, which could be exploited by attackers to cause a denial of service.


Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1

  • CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8

  • CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8.1

  • CA Anti-Virus 2007 (v8)

  • CA Anti-Virus 2008

  • CA Anti-Virus 2009

  • CA Anti-Virus Plus 2009

  • eTrust EZ Antivirus r7.1

  • CA Internet Security Suite 2007 (v3)

  • CA Internet Security Suite 2008

  • CA Internet Security Suite Plus 2008

  • CA Internet Security Suite Plus 2009

  • CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8

  • CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) 8.1

  • CA Threat Manager Total Defense

  • CA Gateway Security r8.1

  • CA Protection Suites r2

  • CA Protection Suites r3

  • CA Protection Suites r3.1

  • CA Secure Content Manager (formerly eTrust Secure Content Manager) 1.1

  • CA Secure Content Manager (formerly eTrust Secure Content Manager) 8.0

  • CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.0

  • CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.1

  • CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11

  • CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11.1

  • CA ARCserve Backup r11.5 on Windows

  • CA ARCserve Backup r12 on Windows

  • CA ARCserve Backup r12.0 SP1 on Windows

  • CA ARCserve Backup r12.0 SP 2 on Windows

  • CA ARCserve Backup r12.5 on Windows

  • CA ARCserve Backup r11.1 Linux

  • CA ARCserve Backup r11.5 Linux

  • CA ARCserve for Windows Client Agent

  • CA ARCserve for Windows Server component

  • CA eTrust Intrusion Detection 2.0 SP1

  • CA eTrust Intrusion Detection 3.0

  • CA eTrust Intrusion Detection 3.0 SP1

  • CA Common Services (CCS) r3.1

  • CA Common Services (CCS) r11

  • CA Common Services (CCS) r11.1

  • CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)

  • CA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1


Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Apply patches :
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878


Vulnerability Identifier


Source


Related Link