Vulnerabilites related to broadcom - anti-spyware
cve-2007-3875
Vulnerability from cvelistv5
Published
2007-07-26 00:00
Modified
2024-08-07 14:37
Severity ?
EPSS score ?
Summary
arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id?1018450 | vdb-entry, x_refsource_SECTRACK | |
| http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847 | x_refsource_CONFIRM | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567 | third-party-advisory, x_refsource_IDEFENSE | |
| http://www.securityfocus.com/archive/1/474605/100/100/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vupen.com/english/advisories/2007/2639 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/archive/1/474601/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/35573 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/474683/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/25049 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/26155 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:04.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1018450",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018450"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847"
},
{
"name": "20070724 Computer Associates AntiVirus CHM File Handling DoS Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567"
},
{
"name": "20070725 n.runs-SA-2007.024 - CA eTrust Antivirus Infinite Loop DoS (remote) Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474605/100/100/threaded"
},
{
"name": "ADV-2007-2639",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2639"
},
{
"name": "20070725 [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474601/100/0/threaded"
},
{
"name": "ca-arclib-chm-dos(35573)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35573"
},
{
"name": "20070726 RE: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp"
},
{
"name": "25049",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25049"
},
{
"name": "26155",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26155"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid \"previous listing chunk number\" field in a CHM file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1018450",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018450"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847"
},
{
"name": "20070724 Computer Associates AntiVirus CHM File Handling DoS Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567"
},
{
"name": "20070725 n.runs-SA-2007.024 - CA eTrust Antivirus Infinite Loop DoS (remote) Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474605/100/100/threaded"
},
{
"name": "ADV-2007-2639",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2639"
},
{
"name": "20070725 [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474601/100/0/threaded"
},
{
"name": "ca-arclib-chm-dos(35573)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35573"
},
{
"name": "20070726 RE: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp"
},
{
"name": "25049",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25049"
},
{
"name": "26155",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26155"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3875",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid \"previous listing chunk number\" field in a CHM file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1018450",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018450"
},
{
"name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847"
},
{
"name": "20070724 Computer Associates AntiVirus CHM File Handling DoS Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567"
},
{
"name": "20070725 n.runs-SA-2007.024 - CA eTrust Antivirus Infinite Loop DoS (remote) Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474605/100/100/threaded"
},
{
"name": "ADV-2007-2639",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2639"
},
{
"name": "20070725 [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474601/100/0/threaded"
},
{
"name": "ca-arclib-chm-dos(35573)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35573"
},
{
"name": "20070726 RE: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
},
{
"name": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp"
},
{
"name": "25049",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25049"
},
{
"name": "26155",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26155"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3875",
"datePublished": "2007-07-26T00:00:00",
"dateReserved": "2007-07-18T00:00:00",
"dateUpdated": "2024-08-07T14:37:04.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-0042
Vulnerability from cvelistv5
Published
2009-01-28 01:00
Modified
2024-08-07 04:17
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601 | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2009/0270 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/48261 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/33464 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/500417/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id?1021639 | vdb-entry, x_refsource_SECTRACK | |
| http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca20090126-01-ca-anti-virus-engine-detection-evasion-multiple-vulnerabilities.aspx | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:17:10.368Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601"
},
{
"name": "ADV-2009-0270",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0270"
},
{
"name": "ca-antivirus-engine-security-bypass(48261)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48261"
},
{
"name": "33464",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33464"
},
{
"name": "20090127 CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/500417/100/0/threaded"
},
{
"name": "1021639",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021639"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca20090126-01-ca-anti-virus-engine-detection-evasion-multiple-vulnerabilities.aspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601"
},
{
"name": "ADV-2009-0270",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0270"
},
{
"name": "ca-antivirus-engine-security-bypass(48261)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48261"
},
{
"name": "33464",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33464"
},
{
"name": "20090127 CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/500417/100/0/threaded"
},
{
"name": "1021639",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021639"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca20090126-01-ca-anti-virus-engine-detection-evasion-multiple-vulnerabilities.aspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601",
"refsource": "CONFIRM",
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601"
},
{
"name": "ADV-2009-0270",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0270"
},
{
"name": "ca-antivirus-engine-security-bypass(48261)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48261"
},
{
"name": "33464",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33464"
},
{
"name": "20090127 CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/500417/100/0/threaded"
},
{
"name": "1021639",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021639"
},
{
"name": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca20090126-01-ca-anti-virus-engine-detection-evasion-multiple-vulnerabilities.aspx",
"refsource": "CONFIRM",
"url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca20090126-01-ca-anti-virus-engine-detection-evasion-multiple-vulnerabilities.aspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0042",
"datePublished": "2009-01-28T01:00:00",
"dateReserved": "2009-01-07T00:00:00",
"dateUpdated": "2024-08-07T04:17:10.368Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-200707-0263
Vulnerability from variot
arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file. Multiple Computer Associates products are prone to a denial-of-service vulnerability because the applications fail to handle malformed CHM files. Successfully exploiting this issue will cause the affected applications to stop responding, denying service to legitimate users. This issue affects applications that use the 'arclib.dll' library versions prior to 7.3.0.9. The Arclib.DLL library in eTrust products has a security vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Title: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities
CA Vuln ID (CAID): 35525, 35526
CA Advisory Date: 2007-07-24
Reported By: CVE-2006-5645 - Titon of BastardLabs and Damian Put working with the iDefense VCP. CVE-2007-3875 - An anonymous researcher working with the iDefense VCP. Sergio Alvarez of n.runs AG also reported these issues.
Impact: A remote attacker can cause a denial of service.
Summary: CA products that utilize the Arclib library contain two denial of service vulnerabilities. The second vulnerability, CVE-2006-5645, is due to an application hang when processing a specially malformed RAR file.
Mitigating Factors: None
Severity: CA has given these vulnerabilities a Medium risk rating.
Affected Products: CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.0, 7.1, r8, r8.1 CA Anti-Virus 2007 (v8) eTrust EZ Antivirus r7, r6.1 CA Internet Security Suite 2007 (v3) eTrust Internet Security Suite r1, r2 eTrust EZ Armor r1, r2, r3.x CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8 CA Anti-Virus Gateway (formerly eTrust Antivirus eTrust Antivirus Gateway) 7.1 CA Protection Suites r2, r3 CA Secure Content Manager (formerly eTrust Secure Content Manager) 1.1, 8.0 CA Anti-Spyware for the Enterprise (Formerly eTrust PestPatrol) r8, 8.1 CA Anti-Spyware 2007 Unicenter Network and Systems Management (NSM) r3.0, r3.1, r11, r11.1 BrightStor ARCserve Backup v9.01, r11 for Windows, r11.1, r11.5 BrightStor Enterprise Backup r10.5 BrightStor ARCserve Client agent for Windows eTrust Intrusion Detection 2.0 SP1, 3.0, 3.0 SP1 CA Common Services (CCS) r11, r11.1 CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)
Status and Recommendation: CA has provided an update to address the vulnerabilities. The updated Arclib library is provided in automatic content updates with most products. Ensure that the latest content update is installed. In the case where automatic updates are not available, use the following product specific instructions.
CA Secure Content Manager 1.1: Apply QO89469.
CA Secure Content Manager 8.0: Apply QO87114.
Unicenter Network and Systems Management (NSM) r3.0: Apply QO89141.
Unicenter Network and Systems Management (NSM) r3.1: Apply QO89139.
Unicenter Network and Systems Management (NSM) r11: Apply QO89140.
Unicenter Network and Systems Management (NSM) r11.1: Apply QO89138.
CA Common Services (CCS) r11: Apply QO89140.
CA Common Services (CCS) r11.1: Apply QO89138.
CA Anti-Virus Gateway 7.1: Apply QO89381.
eTrust Intrusion Detection 2.0 SP1: Apply QO89474.
eTrust Intrusion Detection 3.0: Apply QO86925.
eTrust Intrusion Detection 3.0 SP1: Apply QO86923.
CA Protection Suites r2: Apply updates for CA Anti-Virus 7.1.
BrightStor ARCserve Backup and BrightStor ARCserve Client agent for Windows:
Manually replace the arclib.dll file with the one provided in the CA Anti-Virus 7.1 fix set.
- Locate and rename the existing arclib.dll file.
- Download the CA Anti-Virus 7.1 patch that matches the host operating system.
- Unpack the patch and place the arclib.dll file in directory where the existing arclib.dll file was found in step 1.
- Reboot the host.
CA Anti-Virus 7.1 (non Windows):
T229327 – Solaris – QO86831 T229328 – Netware – QO86832 T229329 – MacPPC – QO86833 T229330 – MacIntel – QO86834 T229331 – Linux390 – QO86835 T229332 – Linux – QO86836 T229333 – HP-UX – QO86837
CA Anti-Virus 7.1 (Windows):
T229337 – NT (32 bit) – QO86843 T229338 – NT (AMD64) – QO86846
CA Threat Manager for the Enterprise r8.1 (non Windows):
T229334 – Linux – QO86839 T229335 – Mac – QO86828 T229336 – Solaris – QO86829
How to determine if you are affected: For products on Windows: 1. Using Windows Explorer, locate the file “arclib.dll”. By default, the file is located in the “C:\Program Files\CA\SharedComponents\ScanEngine” directory(*). 2. Right click on the file and select Properties. 3. Select the Version tab. 4. If the file version is earlier than indicated in the table below, the installation is vulnerable.
File Name File Version arclib.dll 7.3.0.9
*For eTrust Intrusion Detection 2.0 the file is located in “Program Files\eTrust\Intrusion Detection\Common”, and for eTrust Intrusion Detection 3.0 and 3.0 sp1, the file is located in “Program Files\CA\Intrusion Detection\Common”.
For CA Anti-Virus r8.1 on non-Windows: Use the compver utility provided on the CD to determine the version of arclib.dll. The same version information above applies.
Workaround: None
References (URLs may wrap): CA SupportConnect: http://supportconnect.ca.com/ Security Notice for CA Products Containing Arclib http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot .asp Solution Document Reference APARs: QO89469, QO87114, QO89141, QO89139, QO89140, QO89138, QO89140, QO89138, QO89381, QO89474, QO86925, QO86923, QO86831, QO86832, QO86833, QO86834, QO86835, QO86836, QO86837, QO86843, QO86846, QO86839, QO86828, QO86829 CA Security Advisor posting: CA Products Arclib Library Denial of Service Vulnerabilities http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847 CA Vuln ID (CAID): 35525, 35526 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35525 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35526 Reported By: CVE-2006-5645 - Titon of BastardLabs and Damian Put working with the iDefense VCP. CVE-2007-3875 - An anonymous researcher working with the iDefense VCP. Sergio Alvarez of n.runs AG also reported these issues. iDefense advisories: Computer Associates AntiVirus CHM File Handling DoS Vulnerability http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567 Multiple Vendor Antivirus RAR File Denial of Service Vulnerability http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439 CVE References: CVE-2006-5645, CVE-2007-3875 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5645 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3875 OSVDB References: Pending http://osvdb.org/
Changelog for this advisory: v1.0 - Initial Release
Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form. URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2007 CA. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003)
wj8DBQFGpp9beSWR3+KUGYURAplHAJ4paEd/cX+2AxdBWfnw2zhfjAGQwACfW+mo tCqbonQi4DvtQ9a45c65y70= =o8Ac -----END PGP SIGNATURE----- . BACKGROUND
eTrust is an antivirus application developed by Computer Associates. More information can be found on the vendor's website at the following URL.
http://www3.ca.com/solutions/product.aspx?ID=156
II. DESCRIPTION
Remote exploitation of a denial of Service (DoS) vulnerability in Computer Associates Inc.'s eTrust Antivirus products could allow attackers to create a DoS condition on the affected computer.
III. ANALYSIS
This denial of service attack will prevent the scanner from scanning other files on disk while it is stuck on the exploit file. The hung process can be quit by the user and does not consume all system resources.
IV. DETECTION
iDefense has confirmed this vulnerability in eTrust AntiVirus version r8. Previous versions of eTrust Antivirus are suspected vulnerable. Other Computer Associates products, as well as derived products, may also be vulnerable.
V. WORKAROUND
iDefense is not aware of any workarounds for this issue.
VI. VENDOR RESPONSE
Computer Associates has addressed this vulnerability by releasing updates. More information is available within Computer Associates advisory at the following URL.
http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2007-3875 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.
VIII. DISCLOSURE TIMELINE
01/16/2007 Initial vendor notification 01/17/2007 Initial vendor response 07/24/2007 Coordinated public disclosure
IX. CREDIT
The discoverer of this vulnerability wishes to remain anonymous.
Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php
Free tools, research and upcoming events http://labs.idefense.com/
X. LEGAL NOTICES
Copyright \xa9 2007 iDefense, Inc.
Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.
Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.
The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/
The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. scanning a specially crafted RAR archive. Please see the vendor's advisory for details. 2) The vendor credits Titon of BastardLabs and Damian Put, reported via iDefense Labs.
ORIGINAL ADVISORY: CA: http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp
iDefense Labs: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200707-0263",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "protection suites",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r3"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.4,
"vendor": "ca",
"version": "8"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2"
},
{
"model": "etrust internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1"
},
{
"model": "antivirus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "anti-virus for the enterprise",
"scope": "lte",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "brigthstor arcserve client for windows",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "threat manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "antispyware for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "antispyware for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "brightstor enterprise backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "10.5"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "9.01"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "anti-spyware",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2007"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11"
},
{
"model": "anti virus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.5"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "brightstor arcserve client",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r2"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1"
},
{
"model": "anti-spyware",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "brightstor arcserve backup",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "brightstor arcserve client",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "brightstor enterprise backup",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "brigthstor arcserve client for windows",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-spyware for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "anti-virus sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "common services",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "internet security suite",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "protection suites",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "secure content manager",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "threat manager",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "etrust internet security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "unicenter network and systems management",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "threat manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8"
},
{
"model": "anti-spyware",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2007"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "7.0"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "7.1"
},
{
"model": "common services",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "11"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.0"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "3.0"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.1"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates protection suites r2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates etrust internet security suite r1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates anti-virus gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust intrusion detection sp",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.01"
},
{
"model": "associates anti-spyware for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates protection suites r3",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates anti-spyware",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2007"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20073.0"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates common services r11.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates anti-spyware for the enterprise r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates common services r11",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates etrust antivirus r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates etrust intrusion detection sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0.0"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust antivirus r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates anti-virus for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates anti-virus sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates arcserve client agent for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20078"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust internet security suite r2",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
}
],
"sources": [
{
"db": "BID",
"id": "25049"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
},
{
"db": "NVD",
"id": "CVE-2007-3875"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:anti-spyware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:brightstor_arcserve_backup",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:brightstor_arcserve_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:brightstor_enterprise_backup",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:brigthstor_arcserve_client_for_windows",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-spyware_for_the_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-virus_for_the_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-virus_sdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:common_services",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_intrusion_detection",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:internet_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:protection_suites",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:secure_content_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:threat_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_anti-virus_gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_ez_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_ez_armor",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_internet_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:unicenter_network_and_systems_management",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
],
"trust": 0.6
},
"cve": "CVE-2007-3875",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2007-3875",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-27237",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-3875",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2007-3875",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200707-453",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-27237",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27237"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
},
{
"db": "NVD",
"id": "CVE-2007-3875"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid \"previous listing chunk number\" field in a CHM file. Multiple Computer Associates products are prone to a denial-of-service vulnerability because the applications fail to handle malformed CHM files. \nSuccessfully exploiting this issue will cause the affected applications to stop responding, denying service to legitimate users. \nThis issue affects applications that use the \u0027arclib.dll\u0027 library versions prior to 7.3.0.9. The Arclib.DLL library in eTrust products has a security vulnerability. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nTitle: [CAID 35525, 35526]: CA Products Arclib Library Denial of \nService Vulnerabilities\n\nCA Vuln ID (CAID): 35525, 35526\n\nCA Advisory Date: 2007-07-24\n\nReported By:\nCVE-2006-5645 - Titon of BastardLabs and Damian Put \n \u003cpucik at overflow dot pl\u003e working with the iDefense VCP. \nCVE-2007-3875 - An anonymous researcher working with the iDefense \n VCP. \nSergio Alvarez of n.runs AG also reported these issues. \n\nImpact: A remote attacker can cause a denial of service. \n\nSummary: CA products that utilize the Arclib library contain two \ndenial of service vulnerabilities. The second vulnerability, \nCVE-2006-5645, is due to an application hang when processing a \nspecially malformed RAR file. \n\nMitigating Factors: None\n\nSeverity: CA has given these vulnerabilities a Medium risk rating. \n\nAffected Products:\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.0, \n 7.1, r8, r8.1\nCA Anti-Virus 2007 (v8)\neTrust EZ Antivirus r7, r6.1\nCA Internet Security Suite 2007 (v3)\neTrust Internet Security Suite r1, r2\neTrust EZ Armor r1, r2, r3.x\nCA Threat Manager for the Enterprise (formerly eTrust Integrated \n Threat Management) r8\nCA Anti-Virus Gateway (formerly eTrust Antivirus eTrust Antivirus \n Gateway) 7.1\nCA Protection Suites r2, r3\nCA Secure Content Manager (formerly eTrust Secure Content Manager) \n 1.1, 8.0\nCA Anti-Spyware for the Enterprise (Formerly eTrust PestPatrol) \n r8, 8.1\nCA Anti-Spyware 2007\nUnicenter Network and Systems Management (NSM) r3.0, r3.1, r11, \n r11.1\nBrightStor ARCserve Backup v9.01, r11 for Windows, r11.1, r11.5\nBrightStor Enterprise Backup r10.5\nBrightStor ARCserve Client agent for Windows\neTrust Intrusion Detection 2.0 SP1, 3.0, 3.0 SP1\nCA Common Services (CCS) r11, r11.1\nCA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)\n\nStatus and Recommendation:\nCA has provided an update to address the vulnerabilities. The \nupdated Arclib library is provided in automatic content updates \nwith most products. Ensure that the latest content update is \ninstalled. In the case where automatic updates are not available, \nuse the following product specific instructions. \n\nCA Secure Content Manager 1.1:\nApply QO89469. \n\nCA Secure Content Manager 8.0:\nApply QO87114. \n\nUnicenter Network and Systems Management (NSM) r3.0:\nApply QO89141. \n\nUnicenter Network and Systems Management (NSM) r3.1:\nApply QO89139. \n\nUnicenter Network and Systems Management (NSM) r11:\nApply QO89140. \n\nUnicenter Network and Systems Management (NSM) r11.1:\nApply QO89138. \n\nCA Common Services (CCS) r11:\nApply QO89140. \n\nCA Common Services (CCS) r11.1:\nApply QO89138. \n\nCA Anti-Virus Gateway 7.1:\nApply QO89381. \n\neTrust Intrusion Detection 2.0 SP1:\nApply QO89474. \n\neTrust Intrusion Detection 3.0:\nApply QO86925. \n\neTrust Intrusion Detection 3.0 SP1:\nApply QO86923. \n\nCA Protection Suites r2:\nApply updates for CA Anti-Virus 7.1. \n\nBrightStor ARCserve Backup and BrightStor ARCserve Client agent \nfor Windows:\n\nManually replace the arclib.dll file with the one provided in the \nCA Anti-Virus 7.1 fix set. \n\n1. Locate and rename the existing arclib.dll file. \n2. Download the CA Anti-Virus 7.1 patch that matches the host \n operating system. \n3. Unpack the patch and place the arclib.dll file in directory \n where the existing arclib.dll file was found in step 1. \n4. Reboot the host. \n\nCA Anti-Virus 7.1 (non Windows):\n\nT229327 \u2013 Solaris \u2013 QO86831\nT229328 \u2013 Netware \u2013 QO86832\nT229329 \u2013 MacPPC \u2013 QO86833\nT229330 \u2013 MacIntel \u2013 QO86834\nT229331 \u2013 Linux390 \u2013 QO86835\nT229332 \u2013 Linux \u2013 QO86836\nT229333 \u2013 HP-UX \u2013 QO86837\n\nCA Anti-Virus 7.1 (Windows):\n\nT229337 \u2013 NT (32 bit) \u2013 QO86843\nT229338 \u2013 NT (AMD64) \u2013 QO86846\n\nCA Threat Manager for the Enterprise r8.1 (non Windows):\n\nT229334 \u2013 Linux \u2013 QO86839 \nT229335 \u2013 Mac \u2013 QO86828\nT229336 \u2013 Solaris \u2013 QO86829\n\nHow to determine if you are affected:\nFor products on Windows:\n1. Using Windows Explorer, locate the file \u201carclib.dll\u201d. By \n default, the file is located in the \n \u201cC:\\Program Files\\CA\\SharedComponents\\ScanEngine\u201d directory(*). \n2. Right click on the file and select Properties. \n3. Select the Version tab. \n4. If the file version is earlier than indicated in the table \n below, the installation is vulnerable. \n\nFile Name File Version\narclib.dll 7.3.0.9\n\n*For eTrust Intrusion Detection 2.0 the file is located in \n\u201cProgram Files\\eTrust\\Intrusion Detection\\Common\u201d, and for eTrust \nIntrusion Detection 3.0 and 3.0 sp1, the file is located in \n\u201cProgram Files\\CA\\Intrusion Detection\\Common\u201d. \n\nFor CA Anti-Virus r8.1 on non-Windows:\nUse the compver utility provided on the CD to determine the \nversion of arclib.dll. The same version information above applies. \n\nWorkaround: None\n\nReferences (URLs may wrap):\nCA SupportConnect:\nhttp://supportconnect.ca.com/\nSecurity Notice for CA Products Containing Arclib\nhttp://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot\n.asp\nSolution Document Reference APARs:\nQO89469, QO87114, QO89141, QO89139, QO89140, QO89138, QO89140, \nQO89138, QO89381, QO89474, QO86925, QO86923, QO86831, QO86832, \nQO86833, QO86834, QO86835, QO86836, QO86837, QO86843, QO86846, \nQO86839, QO86828, QO86829\nCA Security Advisor posting: \nCA Products Arclib Library Denial of Service Vulnerabilities\nhttp://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847\nCA Vuln ID (CAID): 35525, 35526\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35525\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35526\nReported By:\nCVE-2006-5645 - Titon of BastardLabs and Damian Put \n \u003cpucik at overflow dot pl\u003e working with the iDefense VCP. \nCVE-2007-3875 - An anonymous researcher working with the iDefense \n VCP. \nSergio Alvarez of n.runs AG also reported these issues. \niDefense advisories: \nComputer Associates AntiVirus CHM File Handling DoS Vulnerability\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567\nMultiple Vendor Antivirus RAR File Denial of Service Vulnerability\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439\nCVE References:\nCVE-2006-5645, CVE-2007-3875\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5645\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3875\nOSVDB References: Pending\nhttp://osvdb.org/\n\nChangelog for this advisory:\nv1.0 - Initial Release\n\nCustomers who require additional information should contact CA\nTechnical Support at http://supportconnect.ca.com. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your\nfindings to vuln AT ca DOT com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2007 CA. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.5.3 (Build 5003)\n\nwj8DBQFGpp9beSWR3+KUGYURAplHAJ4paEd/cX+2AxdBWfnw2zhfjAGQwACfW+mo\ntCqbonQi4DvtQ9a45c65y70=\n=o8Ac\n-----END PGP SIGNATURE-----\n. BACKGROUND\n\neTrust is an antivirus application developed by Computer Associates. \nMore information can be found on the vendor\u0027s website at the following\nURL. \n\nhttp://www3.ca.com/solutions/product.aspx?ID=156\n\nII. DESCRIPTION\n\nRemote exploitation of a denial of Service (DoS) vulnerability in\nComputer Associates Inc.\u0027s eTrust Antivirus products could allow\nattackers to create a DoS condition on the affected computer. \n\nIII. ANALYSIS\n\nThis denial of service attack will prevent the scanner from scanning\nother files on disk while it is stuck on the exploit file. The hung\nprocess can be quit by the user and does not consume all system\nresources. \n\nIV. DETECTION\n\niDefense has confirmed this vulnerability in eTrust AntiVirus version\nr8. Previous versions of eTrust Antivirus are suspected vulnerable. \nOther Computer Associates products, as well as derived products, may\nalso be vulnerable. \n\nV. WORKAROUND\n\niDefense is not aware of any workarounds for this issue. \n\nVI. VENDOR RESPONSE\n\nComputer Associates has addressed this vulnerability by releasing\nupdates. More information is available within Computer Associates\nadvisory at the following URL. \n\nhttp://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2007-3875 to this issue. This is a candidate for inclusion in\nthe CVE list (http://cve.mitre.org/), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n01/16/2007 Initial vendor notification\n01/17/2007 Initial vendor response\n07/24/2007 Coordinated public disclosure\n\nIX. CREDIT\n\nThe discoverer of this vulnerability wishes to remain anonymous. \n\nGet paid for vulnerability research\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2007 iDefense, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically,\nplease e-mail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n There are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct,\nindirect, or consequential loss or damage arising from use of, or\nreliance on, this information. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nThe Full Featured Secunia Network Software Inspector (NSI) is now\navailable:\nhttp://secunia.com/network_software_inspector/\n\nThe Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. scanning a specially\ncrafted RAR archive. Please see the vendor\u0027s advisory for\ndetails. \n2) The vendor credits Titon of BastardLabs and Damian Put, reported\nvia iDefense Labs. \n\nORIGINAL ADVISORY:\nCA:\nhttp://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp\n\niDefense Labs:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3875"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "BID",
"id": "25049"
},
{
"db": "VULHUB",
"id": "VHN-27237"
},
{
"db": "PACKETSTORM",
"id": "58024"
},
{
"db": "PACKETSTORM",
"id": "58018"
},
{
"db": "PACKETSTORM",
"id": "58032"
}
],
"trust": 2.25
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-27237",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27237"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-3875",
"trust": 3.0
},
{
"db": "BID",
"id": "25049",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "26155",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2007-2639",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1018450",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "58018",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "58024",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-27237",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58032",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27237"
},
{
"db": "BID",
"id": "25049"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "PACKETSTORM",
"id": "58024"
},
{
"db": "PACKETSTORM",
"id": "58018"
},
{
"db": "PACKETSTORM",
"id": "58032"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
},
{
"db": "NVD",
"id": "CVE-2007-3875"
}
]
},
"id": "VAR-200707-0263",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-27237"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:57:26.565000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ca.com/"
},
{
"title": "CA eTrust Repair measures for multiple product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146845"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3875"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp"
},
{
"trust": 2.2,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567"
},
{
"trust": 1.8,
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/25049"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/474601/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/474605/100/100/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1018450"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26155"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/2639"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35573"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3875"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3875"
},
{
"trust": 0.3,
"url": "/archive/1/474601"
},
{
"trust": 0.3,
"url": "/archive/1/474568"
},
{
"trust": 0.3,
"url": "/archive/1/474605"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3875"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5645"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com."
},
{
"trust": 0.1,
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35526"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439"
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5645"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35525"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/),"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/solutions/product.aspx?id=156"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/methodology/vulnerability/vcp.php"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14862/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4088/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86829"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86846"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/314/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86837"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14867/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86831"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86835"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14433/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3099/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3391/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4092/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14804/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8147/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89139"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14868/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14434/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86828"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89474\u0026startsearch=1"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86843"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14864/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14869/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14437/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86832"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89469"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86839"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14436/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8144/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/26155/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14866/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14865/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89381\u0026startsearch=1"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1683/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86833"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89138\u0026startsearch=1"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2198/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8250/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14863/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3390/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8119/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89140"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86925\u0026startsearch=1"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/313/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86836"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14435/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo87114"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86923\u0026startsearch=1"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86834"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/312/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89141"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/10672/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/7112/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/10673/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27237"
},
{
"db": "BID",
"id": "25049"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "PACKETSTORM",
"id": "58024"
},
{
"db": "PACKETSTORM",
"id": "58018"
},
{
"db": "PACKETSTORM",
"id": "58032"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
},
{
"db": "NVD",
"id": "CVE-2007-3875"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-27237"
},
{
"db": "BID",
"id": "25049"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "PACKETSTORM",
"id": "58024"
},
{
"db": "PACKETSTORM",
"id": "58018"
},
{
"db": "PACKETSTORM",
"id": "58032"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
},
{
"db": "NVD",
"id": "CVE-2007-3875"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-07-26T00:00:00",
"db": "VULHUB",
"id": "VHN-27237"
},
{
"date": "2007-07-24T00:00:00",
"db": "BID",
"id": "25049"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"date": "2007-07-25T04:50:57",
"db": "PACKETSTORM",
"id": "58024"
},
{
"date": "2007-07-25T04:42:29",
"db": "PACKETSTORM",
"id": "58018"
},
{
"date": "2007-07-26T04:26:32",
"db": "PACKETSTORM",
"id": "58032"
},
{
"date": "2007-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200707-453"
},
{
"date": "2007-07-26T00:30:00",
"db": "NVD",
"id": "CVE-2007-3875"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-27237"
},
{
"date": "2007-07-27T18:05:00",
"db": "BID",
"id": "25049"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200707-453"
},
{
"date": "2024-11-21T00:34:17.190000",
"db": "NVD",
"id": "CVE-2007-3875"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "58018"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA Anti-Virus Such as arclib.dll Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
],
"trust": 0.6
}
}
var-200901-0282
Vulnerability from variot
Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file. Computer Associates Anti-Virus engine is prone to multiple vulnerabilities that may allow certain compressed archives to bypass the scan engine. Successful exploits will allow attackers to distribute files containing malicious code that the antivirus engine will fail to detect. Products with 'arclib.dll' prior to version 7.3.0.15 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Title: CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities
CA Advisory Reference: CA20090126-01
CA Advisory Date: 2009-01-26
Reported By: Thierry Zoller and Sergio Alvarez of n.runs AG
Impact: A remote attacker can evade detection. CA has released a new Anti-Virus engine to address the vulnerabilities. Consequently, detection evasion can be a concern for gateway anti-virus software if archives are not scanned, but the risk is effectively mitigated by the desktop anti-virus engine.
Mitigating Factors: See note above.
Severity: CA has given these vulnerabilities a Low risk rating. If your product is configured for automatic updates, you should already be protected, and you need to take no action. If your product is not configured for automatic updates, then you simply need to run the update utility included with your product.
How to determine if you are affected:
For products on Windows:
- Using Windows Explorer, locate the file "arclib.dll". By default, the file is located in the "C:\Program Files\CA\SharedComponents\ScanEngine" directory (*).
- Right click on the file and select Properties.
- Select the Version tab.
File Name File Version arclib.dll 7.3.0.15
*For eTrust Intrusion Detection 2.0 the file is located in "Program Files\eTrust\Intrusion Detection\Common", and for eTrust Intrusion Detection 3.0 and 3.0 sp1, the file is located in "Program Files\CA\Intrusion Detection\Common".
For CA Anti-Virus r8.1 on non-Windows platforms:
Use the compver utility provided on the CD to determine the version of Arclib.
Example compver utility output: ------------------------------------------------ COMPONENT NAME VERSION ------------------------------------------------ eTrust Antivirus Arclib Archive Library 7.3.0.15 ... (followed by other components)
For reference, the following are file names for arclib on non-Windows operating systems:
Operating System File name Solaris libarclib.so Linux libarclib.so Mac OS X arclib.bundle
Workaround: Do not open email attachments or download files from untrusted sources.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to the CA Product Vulnerability Response Team. https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=1777 82
Regards, Ken Williams, Director ; 0xE2941985 CA Product Vulnerability Response Team
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2009 CA. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.9.1 (Build 287) Charset: utf-8
wj8DBQFJfyMKeSWR3+KUGYURAkyRAJ94Db9OT0mSDBo8UiSAK7AWWt5XSgCfc89J SlKLxRwfw06DmTk2tmlcrJI= =Kjse -----END PGP SIGNATURE-----
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "threat manager for the enterprise",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r8"
},
{
"_id": null,
"model": "protection suites",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r2"
},
{
"_id": null,
"model": "anti-virus sdk",
"scope": null,
"trust": 1.4,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "internet security suite 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"_id": null,
"model": "threat manager for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "8.1"
},
{
"_id": null,
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r3.1"
},
{
"_id": null,
"model": "arcserve client agent",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": null
},
{
"_id": null,
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"_id": null,
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.0"
},
{
"_id": null,
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2007"
},
{
"_id": null,
"model": "anti-spyware for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"_id": null,
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2008"
},
{
"_id": null,
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "4.0"
},
{
"_id": null,
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r3.0"
},
{
"_id": null,
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"_id": null,
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"_id": null,
"model": "arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r11.5_nil_"
},
{
"_id": null,
"model": "arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r12.0_nil_"
},
{
"_id": null,
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.0"
},
{
"_id": null,
"model": "internet security suite 2007",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3"
},
{
"_id": null,
"model": "antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"_id": null,
"model": "arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r11.1"
},
{
"_id": null,
"model": "anti-spyware",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2007"
},
{
"_id": null,
"model": "anti-spyware",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2008"
},
{
"_id": null,
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r11"
},
{
"_id": null,
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"_id": null,
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"_id": null,
"model": "protection suites",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r3"
},
{
"_id": null,
"model": "anti-spyware for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r8"
},
{
"_id": null,
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"_id": null,
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r8"
},
{
"_id": null,
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r11.1"
},
{
"_id": null,
"model": "protection suites",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r3.1"
},
{
"_id": null,
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r7"
},
{
"_id": null,
"model": "anti-virus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"_id": null,
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"_id": null,
"model": "internet security suite plus 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"_id": null,
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r6.1"
},
{
"_id": null,
"model": "anti-spyware 2007",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "anti-spyware 2008",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "anti-spyware for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "anti-virus",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "anti-virus for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "anti-virus gateway",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "arcserve backup",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "arcserve for windows client agent",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "arcserve for windows server component",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "common services",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "etrust intrusion detection",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "gateway security",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "internet security suite",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "internet security suite plus 2008",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "network and systems management",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "protection suites",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "secure content manager",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "threat manager for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "etrust ez antivirus",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "7.1"
},
{
"_id": null,
"model": "common services",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "11"
},
{
"_id": null,
"model": "anti-virus",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2007"
},
{
"_id": null,
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "r7"
},
{
"_id": null,
"model": "common services",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "11.1"
},
{
"_id": null,
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "r8"
},
{
"_id": null,
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.1"
},
{
"_id": null,
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"_id": null,
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"_id": null,
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "12.0"
},
{
"_id": null,
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"_id": null,
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"_id": null,
"model": "associates threat manager for the enterprise r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "associates threat manager for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "associates protection suites r2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"_id": null,
"model": "associates protection suites r3",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "associates protection suites",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"_id": null,
"model": "associates internet security suite plus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"_id": null,
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"_id": null,
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20073.0"
},
{
"_id": null,
"model": "associates gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"_id": null,
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"_id": null,
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"_id": null,
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"_id": null,
"model": "associates etrust intrusion detection sp",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.01"
},
{
"_id": null,
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"_id": null,
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"_id": null,
"model": "associates etrust intrusion detection sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0.0"
},
{
"_id": null,
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"_id": null,
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"_id": null,
"model": "associates etrust antivirus r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "associates etrust antivirus r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "associates common services r11.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "associates common services r11",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"_id": null,
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"_id": null,
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"_id": null,
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "12.0"
},
{
"_id": null,
"model": "associates brightstor arcserve backup for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"_id": null,
"model": "associates brightstor arcserve backup for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"_id": null,
"model": "associates arcserve for windows server component",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"_id": null,
"model": "associates arcserve client agent for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"_id": null,
"model": "associates arcserve",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "12.0"
},
{
"_id": null,
"model": "associates anti-virus sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"_id": null,
"model": "associates anti-virus gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"_id": null,
"model": "associates anti-spyware for the enterprise r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "associates anti-spyware for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "associates anti-spyware",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"_id": null,
"model": "associates anti-spyware",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2007"
}
],
"sources": [
{
"db": "BID",
"id": "33464"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
},
{
"db": "NVD",
"id": "CVE-2009-0042"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:anti-spyware_2007",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-spyware_2008",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-spyware_for_the_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-virus_for_the_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-virus_gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-virus_sdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:arcserve_backup",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:arcserve_for_windows_client_agent",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:arcserve_for_windows_server_component",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:common_services",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_intrusion_detection",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:gateway_security",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:internet_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:internet_security_suite_plus_2008",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:network_and_systems_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:protection_suites",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:secure_content_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:threat_manager_for_the_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_ez_antivirus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
}
]
},
"credits": {
"_id": null,
"data": "Thierry Zoller and Sergio Alvarez of n.runs AG",
"sources": [
{
"db": "BID",
"id": "33464"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
],
"trust": 0.9
},
"cve": "CVE-2009-0042",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2009-0042",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-37488",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-0042",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2009-0042",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200901-407",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-37488",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37488"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
},
{
"db": "NVD",
"id": "CVE-2009-0042"
}
]
},
"description": {
"_id": null,
"data": "Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file. Computer Associates Anti-Virus engine is prone to multiple vulnerabilities that may allow certain compressed archives to bypass the scan engine. \nSuccessful exploits will allow attackers to distribute files containing malicious code that the antivirus engine will fail to detect. \nProducts with \u0027arclib.dll\u0027 prior to version 7.3.0.15 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nTitle: CA20090126-01: CA Anti-Virus Engine Detection Evasion \nMultiple Vulnerabilities\n\n\nCA Advisory Reference: CA20090126-01\n\n\nCA Advisory Date: 2009-01-26\n\n\nReported By:\nThierry Zoller and Sergio Alvarez of n.runs AG\n\n\nImpact: A remote attacker can evade detection. CA has \nreleased a new Anti-Virus engine to address the vulnerabilities. \nConsequently, detection evasion can be a concern for gateway \nanti-virus software if archives are not scanned, but the risk is \neffectively mitigated by the desktop anti-virus engine. \n\n\nMitigating Factors: See note above. \n\n\nSeverity: CA has given these vulnerabilities a Low risk rating. If your product is \nconfigured for automatic updates, you should already be protected, \nand you need to take no action. If your product is not configured \nfor automatic updates, then you simply need to run the update \nutility included with your product. \n\n\nHow to determine if you are affected:\n\nFor products on Windows:\n\n1. Using Windows Explorer, locate the file \"arclib.dll\". By \n default, the file is located in the \n \"C:\\Program Files\\CA\\SharedComponents\\ScanEngine\" directory (*). \n2. Right click on the file and select Properties. \n3. Select the Version tab. \n4. \n\nFile Name File Version\narclib.dll 7.3.0.15\n\n*For eTrust Intrusion Detection 2.0 the file is located in \n\"Program Files\\eTrust\\Intrusion Detection\\Common\", and for eTrust \nIntrusion Detection 3.0 and 3.0 sp1, the file is located in \n\"Program Files\\CA\\Intrusion Detection\\Common\". \n\nFor CA Anti-Virus r8.1 on non-Windows platforms:\n\nUse the compver utility provided on the CD to determine the \nversion of Arclib. \n\nExample compver utility output:\n ------------------------------------------------\n COMPONENT NAME VERSION\n ------------------------------------------------\n eTrust Antivirus Arclib Archive Library 7.3.0.15\n ... (followed by other components)\n\nFor reference, the following are file names for arclib on \nnon-Windows operating systems:\n\nOperating System File name\nSolaris libarclib.so\nLinux libarclib.so\nMac OS X arclib.bundle\n\n\nWorkaround: \nDo not open email attachments or download files from untrusted \nsources. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your \nfindings to the CA Product Vulnerability Response Team. \nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=1777\n82\n\n\nRegards,\nKen Williams, Director ; 0xE2941985\nCA Product Vulnerability Response Team\n\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2009 CA. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.9.1 (Build 287)\nCharset: utf-8\n\nwj8DBQFJfyMKeSWR3+KUGYURAkyRAJ94Db9OT0mSDBo8UiSAK7AWWt5XSgCfc89J\nSlKLxRwfw06DmTk2tmlcrJI=\n=Kjse\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0042"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "BID",
"id": "33464"
},
{
"db": "VULHUB",
"id": "VHN-37488"
},
{
"db": "PACKETSTORM",
"id": "74367"
}
],
"trust": 2.07
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2009-0042",
"trust": 2.9
},
{
"db": "BID",
"id": "33464",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1021639",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2009-0270",
"trust": 2.5
},
{
"db": "XF",
"id": "48261",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "74367",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-37488",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37488"
},
{
"db": "BID",
"id": "33464"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "PACKETSTORM",
"id": "74367"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
},
{
"db": "NVD",
"id": "CVE-2009-0042"
}
]
},
"id": "VAR-200901-0282",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-37488"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T23:10:15.841000Z",
"patch": {
"_id": null,
"data": [
{
"title": "197601",
"trust": 0.8,
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601"
},
{
"title": "Computer Associates Anti-Virus Engine Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146829"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-noinfo",
"trust": 0.8
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "NVD",
"id": "CVE-2009-0042"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/33464"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1021639"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2009/0270"
},
{
"trust": 2.0,
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=197601"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/500417/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca20090126-01-ca-anti-virus-engine-detection-evasion-multiple-vulnerabilities.aspx"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48261"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0042"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/48261"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0042"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "/archive/1/500417"
},
{
"trust": 0.3,
"url": "/archive/1/503447"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0042"
},
{
"trust": 0.1,
"url": "http://www.nruns.com/"
},
{
"trust": 0.1,
"url": "http://support.ca.com/"
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=1777"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://secdev.zoller.lu"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "http://support.ca.com."
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=1976"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37488"
},
{
"db": "BID",
"id": "33464"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "PACKETSTORM",
"id": "74367"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
},
{
"db": "NVD",
"id": "CVE-2009-0042"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-37488",
"ident": null
},
{
"db": "BID",
"id": "33464",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "74367",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2009-0042",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2009-01-28T00:00:00",
"db": "VULHUB",
"id": "VHN-37488",
"ident": null
},
{
"date": "2009-01-27T00:00:00",
"db": "BID",
"id": "33464",
"ident": null
},
{
"date": "2010-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002620",
"ident": null
},
{
"date": "2009-01-28T00:18:02",
"db": "PACKETSTORM",
"id": "74367",
"ident": null
},
{
"date": "2009-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200901-407",
"ident": null
},
{
"date": "2009-01-28T01:30:00.453000",
"db": "NVD",
"id": "CVE-2009-0042",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-37488",
"ident": null
},
{
"date": "2009-05-12T22:06:00",
"db": "BID",
"id": "33464",
"ident": null
},
{
"date": "2010-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002620",
"ident": null
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200901-407",
"ident": null
},
{
"date": "2024-11-21T00:58:56.143000",
"db": "NVD",
"id": "CVE-2009-0042",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "74367"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "plural CA Product Arclib library Vulnerabilities that can bypass virus detection",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "design error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
],
"trust": 0.6
}
}
Vulnerability from fkie_nvd
Published
2007-07-26 00:30
Modified
2024-11-21 00:34
Severity ?
Summary
arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:anti-spyware:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "385B8B52-F5EA-4E13-A7EE-C2D1B694C785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCCEAF14-75C0-4B4E-BACB-B84D69A276BA",
"versionEndIncluding": "8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA94302-1501-4744-8296-6A6CD763DC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "607CCBDA-7288-4496-A7ED-EF6DED40CA21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B76576-ABB1-439E-80B0-0B5AAE14BA45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FE175BB8-DF9B-4DA0-AD2F-885CC13BB812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:anti_virus_sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C02D3C8C-D739-4538-8660-1ED99FFE673F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:antispyware_for_the_enterprise:8:*:*:*:*:*:*:*",
"matchCriteriaId": "4545DACA-EFD3-4764-897B-844C010B49E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:antispyware_for_the_enterprise:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "877B83A0-A399-4B1A-9324-481DF04A104C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:antivirus_sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B1A8FDA-3780-440A-BDAB-3BE11BF76951",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D546DEE1-E8A0-4321-AE5E-1DEEE719FC06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "78AA54EA-DAF1-4635-AA1B-E2E49C4BB597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brigthstor_arcserve_client_for_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "672B430D-3BE7-4BA0-A0A6-7ABED96DE892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:common_services:11:*:*:*:*:*:*:*",
"matchCriteriaId": "0E2FA702-184A-44FF-8DEA-7811804EE175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:common_services:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D301B65D-A20B-4991-A0D8-DFE3363F162B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:8:*:*:*:*:*:*:*",
"matchCriteriaId": "05185A74-8484-419D-A3CE-8603928AF0DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD2FE1C-8894-41EC-B686-932F0ACC41C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D938FC-E8E6-4709-BF6D-EF4833AF7D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:7:*:*:*:*:*:*:*",
"matchCriteriaId": "463CBA1F-89DC-4D24-8F27-276406D423ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:1:*:*:*:*:*:*:*",
"matchCriteriaId": "330B61D3-302D-46A7-92F2-DF68B0BBB1B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2:*:*:*:*:*:*:*",
"matchCriteriaId": "76D8B409-194E-4588-AE69-6E42090C443C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:3:*:*:*:*:*:*:*",
"matchCriteriaId": "7A1FDED6-7616-4F92-B660-47BE99EAD4E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_internet_security_suite:1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CC5201-F780-42BD-B859-163E79E65FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_internet_security_suite:2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5EF0113-DBFB-41F8-AE3F-B4B8C77ED159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C00221F9-33EE-4221-A5B3-A1AE42A7B9D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3DDF2EE3-753B-4C7E-84EF-144FA5986A21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "285013A5-E058-4B2B-B8B6-1BFF72388589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:secure_content_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DADD1E6-3454-4C1E-AD46-82D79CB8F528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:secure_content_manager:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5E02DA21-B25B-4626-BFDC-61AA8AF3537E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:threat_manager:8:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8EE8B0-CAA6-46CB-8A8E-66F3FD49FEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9C8A1C-0A55-4CA5-9BB6-2D03EFCFE699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EFA39E3-A614-4A64-B29C-86D6F12F1557",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11:*:*:*:*:*:*:*",
"matchCriteriaId": "5B4434A4-EE82-46A1-9293-345991515369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "43CD3B48-C978-4FDB-B157-85F3E971446B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*",
"matchCriteriaId": "6E236148-4A57-4FDC-A072-A77D3DD2DB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D10B864B-AA39-4702-A42B-F33BAF2D8059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "47C10BA4-B241-4F65-8FA1-AD88266C03B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*",
"matchCriteriaId": "253A8082-9AE4-4049-A1D0-B7ACB5C2E8D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid \"previous listing chunk number\" field in a CHM file."
},
{
"lang": "es",
"value": "arclib.dll anterior a 7.3.0.9 en CA Anti-Virus (formalmente eTrust Antivirus) 8 y otros ciertos productos CA permiten a atacantes remotos provocar denegaci\u00f3n de servicio (bucles infinitos y perdida de funcionalidad antivirus) a trav\u00e9s de un campo\"listado previo de un trozo de n\u00famero\" en un cierto archivo CHM."
}
],
"id": "CVE-2007-3875",
"lastModified": "2024-11-21T00:34:17.190",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-07-26T00:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26155"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp"
},
{
"source": "cve@mitre.org",
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/474601/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/474605/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25049"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018450"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2639"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/474601/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/474605/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25049"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018450"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35573"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-01-28 01:30
Modified
2024-11-21 00:58
Severity ?
Summary
Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:anti-spyware:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "385B8B52-F5EA-4E13-A7EE-C2D1B694C785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:anti-spyware:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "145A8680-6EDC-47CB-9754-F29D45251E77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:anti-spyware_for_the_enterprise:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "89F14F0B-C67C-4EF4-81DE-A5DB9A607CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:anti-spyware_for_the_enterprise:r8:*:*:*:*:*:*:*",
"matchCriteriaId": "EB09F459-B652-4C6F-B481-89E73D750BB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:anti-virus:2007:8:*:*:*:*:*:*",
"matchCriteriaId": "C469EBBE-EE96-4CED-BD8C-36461750C6A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:anti-virus:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "9C5E892B-0EE8-4B76-97B8-0BAF17E83F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "607CCBDA-7288-4496-A7ED-EF6DED40CA21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FE175BB8-DF9B-4DA0-AD2F-885CC13BB812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:r8:*:*:*:*:*:*:*",
"matchCriteriaId": "11BCD267-E8CE-4A97-B769-5F4CAF9830D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:anti-virus_sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "865B7BD2-3AD1-41CA-842B-47BC4F1426DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:antivirus_gateway:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E779636-EBB1-4A8A-BB87-E6759E92BE6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:arcserve_client_agent:-:*:windows:*:*:*:*:*",
"matchCriteriaId": "8E8F42A2-E1D8-4224-8D3F-EA644D490347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:common_services:11:*:*:*:*:*:*:*",
"matchCriteriaId": "0E2FA702-184A-44FF-8DEA-7811804EE175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:common_services:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D301B65D-A20B-4991-A0D8-DFE3363F162B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:r6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C94D2000-2B28-4055-B528-437E2399F2A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:r7:*:*:*:*:*:*:*",
"matchCriteriaId": "E8741DC0-CCDD-456D-B155-24A4A447A2CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3DDF2EE3-753B-4C7E-84EF-144FA5986A21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2D703BC4-2604-415D-ABA7-E2ED92B82FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF55705-42ED-4503-8534-FDEA365E84E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB548763-E1A7-4DB1-BE86-ED5AA1CA81BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r11:*:*:*:*:*:*:*",
"matchCriteriaId": "6B28429A-F343-4BE8-A94D-5A5AC3F6258C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF64064-1C35-4888-BBC2-52F68EF9517F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:secure_content_manager:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5E02DA21-B25B-4626-BFDC-61AA8AF3537E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:secure_content_manager:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "77203D28-404B-464B-A444-6D17C91517FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.1:_nil_:linux:*:*:*:*:*",
"matchCriteriaId": "7B114475-CA4D-49CB-BAC5-D7282CB3E870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.1:_nil_:windows:*:*:*:*:*",
"matchCriteriaId": "69135166-4E5A-4D22-9EB7-B052D5B5D751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.5_nil_:linux:*:*:*:*:*:*",
"matchCriteriaId": "585DAE6C-4516-4D00-987F-4BCE3D68190C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.5_nil_:windows:*:*:*:*:*:*",
"matchCriteriaId": "1CC0D532-65D5-491A-A0F3-1FFA1C95F0A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r12.0_nil_:windows:*:*:*:*:*:*",
"matchCriteriaId": "1CBFEC61-C17D-4A3F-A7EA-1F45E729172A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_intrusion_detection:2.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "29FEABEE-DC17-4620-B088-B24249865931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D10B864B-AA39-4702-A42B-F33BAF2D8059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:internet_security_suite_2007:3:*:*:*:*:*:*:*",
"matchCriteriaId": "636F7EE3-22C6-4400-AE70-E8AFA0B9E2F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:internet_security_suite_2008:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0281F80B-CF9C-482D-B7A9-3B2651BD0567",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:internet_security_suite_plus_2008:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33F7E184-EA23-487C-83ED-65CF8DD2DB18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "47C10BA4-B241-4F65-8FA1-AD88266C03B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*",
"matchCriteriaId": "253A8082-9AE4-4049-A1D0-B7ACB5C2E8D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:protection_suites:r3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CC845898-3D77-4793-971E-5E1555ED9CDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:threat_manager_for_the_enterprise:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7FA3811-B3C7-4CD5-A399-EB427BDB50DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:threat_manager_for_the_enterprise:r8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E7E12A7-F92F-47E3-B810-4019FD885B60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades sin especificar en la bilioteca Arclib (arclib.dll) anterior a v 7.3.0.15 en el motor de CA Anti-Virus para CA Anti-Virus Enterprise v7.1, r8, y r8.1; Anti-Virus 2007 v8 y 2008; Internet Security Suite 2007 v3 y 2008; y otros productos CA, permite a atacantes remotos evitar la detecci\u00f3n de virus a trav\u00e9s de un fichero mal formado."
}
],
"id": "CVE-2009-0042",
"lastModified": "2024-11-21T00:58:56.143",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-01-28T01:30:00.453",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca20090126-01-ca-anti-virus-engine-detection-evasion-multiple-vulnerabilities.aspx"
},
{
"source": "cve@mitre.org",
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/500417/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/33464"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021639"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0270"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca20090126-01-ca-anti-virus-engine-detection-evasion-multiple-vulnerabilities.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/500417/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/33464"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48261"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}