Skip to main content

CA Anti-Virus Engine RAR Heap Corruption and DoS Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 12 Oct 2009 5610 Views

RISK: Medium Risk

Two vulnerabilities have been identified in various CA products, which could be exploited by attackers or malware to cause a denial of service or compromise a vulnerable system.

1. A heap corruption error in the Anti-Virus engine arclib component when processing malformed RAR archives, which could be exploited by attackers to cause a denial of service or execute arbitrary code.

2. A stack corruption in the Anti-Virus engine arclib component when processing malformed RAR archives, which could be exploited by attackers to cause a denial of service.


Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1

  • CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8

  • CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8.1

  • CA Anti-Virus 2007 (v8)

  • CA Anti-Virus 2008

  • CA Anti-Virus 2009

  • CA Anti-Virus Plus 2009

  • eTrust EZ Antivirus r7.1

  • CA Internet Security Suite 2007 (v3)

  • CA Internet Security Suite 2008

  • CA Internet Security Suite Plus 2008

  • CA Internet Security Suite Plus 2009

  • CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8

  • CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) 8.1

  • CA Threat Manager Total Defense

  • CA Gateway Security r8.1

  • CA Protection Suites r2

  • CA Protection Suites r3

  • CA Protection Suites r3.1

  • CA Secure Content Manager (formerly eTrust Secure Content Manager) 1.1

  • CA Secure Content Manager (formerly eTrust Secure Content Manager) 8.0

  • CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.0

  • CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.1

  • CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11

  • CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11.1

  • CA ARCserve Backup r11.5 on Windows

  • CA ARCserve Backup r12 on Windows

  • CA ARCserve Backup r12.0 SP1 on Windows

  • CA ARCserve Backup r12.0 SP 2 on Windows

  • CA ARCserve Backup r12.5 on Windows

  • CA ARCserve Backup r11.1 Linux

  • CA ARCserve Backup r11.5 Linux

  • CA ARCserve for Windows Client Agent

  • CA ARCserve for Windows Server component

  • CA eTrust Intrusion Detection 2.0 SP1

  • CA eTrust Intrusion Detection 3.0

  • CA eTrust Intrusion Detection 3.0 SP1

  • CA Common Services (CCS) r3.1

  • CA Common Services (CCS) r11

  • CA Common Services (CCS) r11.1

  • CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)

  • CA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1


Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Apply patches :
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878


Vulnerability Identifier


Source


Related Link