CA Anti-Virus Engine RAR Heap Corruption and DoS Vulnerabilities
RISK: Medium Risk
Two vulnerabilities have been identified in various CA products, which could be exploited by attackers or malware to cause a denial of service or compromise a vulnerable system.
1. A heap corruption error in the Anti-Virus engine arclib component when processing malformed RAR archives, which could be exploited by attackers to cause a denial of service or execute arbitrary code.
2. A stack corruption in the Anti-Virus engine arclib component when processing malformed RAR archives, which could be exploited by attackers to cause a denial of service.
Impact
- Denial of Service
- Remote Code Execution
System / Technologies affected
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8.1
CA Anti-Virus 2007 (v8)
CA Anti-Virus 2008
CA Anti-Virus 2009
CA Anti-Virus Plus 2009
eTrust EZ Antivirus r7.1
CA Internet Security Suite 2007 (v3)
CA Internet Security Suite 2008
CA Internet Security Suite Plus 2008
CA Internet Security Suite Plus 2009
CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8
CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) 8.1
CA Threat Manager Total Defense
CA Gateway Security r8.1
CA Protection Suites r2
CA Protection Suites r3
CA Protection Suites r3.1
CA Secure Content Manager (formerly eTrust Secure Content Manager) 1.1
CA Secure Content Manager (formerly eTrust Secure Content Manager) 8.0
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.0
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.1
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11.1
CA ARCserve Backup r11.5 on Windows
CA ARCserve Backup r12 on Windows
CA ARCserve Backup r12.0 SP1 on Windows
CA ARCserve Backup r12.0 SP 2 on Windows
CA ARCserve Backup r12.5 on Windows
CA ARCserve Backup r11.1 Linux
CA ARCserve Backup r11.5 Linux
CA ARCserve for Windows Client Agent
CA ARCserve for Windows Server component
CA eTrust Intrusion Detection 2.0 SP1
CA eTrust Intrusion Detection 3.0
CA eTrust Intrusion Detection 3.0 SP1
CA Common Services (CCS) r3.1
CA Common Services (CCS) r11
CA Common Services (CCS) r11.1
CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)
CA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Apply patches :
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878
Vulnerability Identifier
Source
Related Link
Share with