Vulnerability-Lookup - Search a vulnerability

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

FKIE_CVE-2009-3587

Vulnerability from fkie_nvd - Published: 2009-10-13 10:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588.

References

URL	Tags
cve@mitre.org	http://osvdb.org/58691	Broken Link
cve@mitre.org	http://secunia.com/advisories/36976	Third Party Advisory
cve@mitre.org	http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878	Broken Link, Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/archive/1/507068/100/0/threaded	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securityfocus.com/bid/36653	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id?1022999	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.vupen.com/english/advisories/2009/2852	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/53697	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/58691	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36976	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878	Broken Link, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/507068/100/0/threaded	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/36653	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1022999	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/2852	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/53697	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
broadcom	anti-virus	2007
broadcom	anti-virus	2008
broadcom	anti-virus_for_the_enterprise	7.1
broadcom	anti-virus_for_the_enterprise	r8
broadcom	anti-virus_sdk	*
broadcom	common_services	11
broadcom	common_services	11.1
broadcom	etrust_antivirus	7.1
broadcom	etrust_antivirus	8
broadcom	etrust_antivirus	8.1
broadcom	etrust_integrated_threat_management	8.1
broadcom	etrust_intrusion_detection	3.0
broadcom	etrust_secure_content_manager	1.1
broadcom	internet_security_suite	*
broadcom	internet_security_suite	3.0
broadcom	network_and_systems_management	r3.0
broadcom	network_and_systems_management	r3.1
broadcom	network_and_systems_management	r11
broadcom	network_and_systems_management	r11.1
broadcom	secure_content_manager	1.1
broadcom	secure_content_manager	8.0
broadcom	unicenter_network_and_systems_management	3.0
broadcom	unicenter_network_and_systems_management	3.1
broadcom	unicenter_network_and_systems_management	11
broadcom	unicenter_network_and_systems_management	11.1
ca	anti-virus	2009
ca	anti-virus_for_the_enterprise	r8.1
ca	anti-virus_gateway	7.1
ca	anti-virus_plus	2009
ca	arcserve_backup	r11.5
ca	arcserve_for_windows_client_agent	*
ca	arcserve_for_windows_server_component	*
ca	common_services	3.1
ca	etrust_anti-virus_gateway	7.1
ca	etrust_anti-virus_sdk	*
ca	etrust_ez_antivirus	r7.1
ca	etrust_intrusion_detection	2.0
ca	etrust_intrusion_detection	3.0
ca	etrust_secure_content_manager	8.0
ca	gateway_security	r8.1
ca	internet_security_suite_2008	*
ca	internet_security_suite_plus_2008	*
ca	internet_security_suite_plus_2009	*
ca	protection_suites	r2
ca	protection_suites	r3
ca	protection_suites	r3.1
ca	threat_manager	8.1
ca	threat_manager	r8
ca	threat_manager_total_defense	*
ca	arcserve_backup	r11.1
ca	arcserve_backup	r11.5
linux	linux_kernel	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus:2007:8:*:*:*:*:*:*",
              "matchCriteriaId": "C469EBBE-EE96-4CED-BD8C-36461750C6A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C5E892B-0EE8-4B76-97B8-0BAF17E83F49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "607CCBDA-7288-4496-A7ED-EF6DED40CA21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:r8:*:*:*:*:*:*:*",
              "matchCriteriaId": "11BCD267-E8CE-4A97-B769-5F4CAF9830D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "865B7BD2-3AD1-41CA-842B-47BC4F1426DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:common_services:11:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E2FA702-184A-44FF-8DEA-7811804EE175",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:common_services:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D301B65D-A20B-4991-A0D8-DFE3363F162B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A08C715-A351-466D-99EC-006C106A3366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_antivirus:8:*:*:*:*:*:*:*",
              "matchCriteriaId": "05185A74-8484-419D-A3CE-8603928AF0DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_antivirus:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52C533CA-ACB7-4C0F-98E2-B5E51E24A554",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FD8D5F0-9606-4BBA-B7F9-ACD089B84DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DDF2EE3-753B-4C7E-84EF-144FA5986A21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "69184A5E-4FA9-4896-B6E8-1B9D4D62D099",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:internet_security_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F30C4FF9-DB76-4B3F-9582-752097B3D521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "285013A5-E058-4B2B-B8B6-1BFF72388589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF55705-42ED-4503-8534-FDEA365E84E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB548763-E1A7-4DB1-BE86-ED5AA1CA81BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B28429A-F343-4BE8-A94D-5A5AC3F6258C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF64064-1C35-4888-BBC2-52F68EF9517F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:secure_content_manager:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DADD1E6-3454-4C1E-AD46-82D79CB8F528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:secure_content_manager:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E02DA21-B25B-4626-BFDC-61AA8AF3537E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE9C8A1C-0A55-4CA5-9BB6-2D03EFCFE699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EFA39E3-A614-4A64-B29C-86D6F12F1557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B4434A4-EE82-46A1-9293-345991515369",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43CD3B48-C978-4FDB-B157-85F3E971446B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:anti-virus:2009:*:*:*:*:*:*:*",
              "matchCriteriaId": "6050CADE-7BAF-45B7-A031-F70558C7CE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:anti-virus_for_the_enterprise:r8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0186ADA-0E20-4E14-B9D5-19CDFC1BD98F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:anti-virus_gateway:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD75FF0F-A36C-40AF-A99E-1596A6A6FE2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:anti-virus_plus:2009:*:*:*:*:*:*:*",
              "matchCriteriaId": "BED8CEF9-6AEC-4771-98F7-051E4B3E0848",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8275AC1-81C5-4D9F-A61B-1A908BDDE0F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:arcserve_for_windows_client_agent:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5603FDAD-A347-4A44-BC45-1ADC44601D65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:arcserve_for_windows_server_component:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5086D7CF-EBAB-4E30-98E0-0D276CC1C707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:common_services:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FAD043E-3ABE-46D7-AD17-A68858692A7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_anti-virus_gateway:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C13B0E1-DCEE-46E5-81A3-C08C07C58B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_anti-virus_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "257CC950-F1BB-4D0A-9B05-98A58DB67532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_ez_antivirus:r7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0A641A2-4147-4C41-B102-18417ECA9339",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_intrusion_detection:2.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "29FEABEE-DC17-4620-B088-B24249865931",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "D10B864B-AA39-4702-A42B-F33BAF2D8059",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB54A16-5E56-46FC-A49C-56C98C0B8F1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:gateway_security:r8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B44F941C-83DC-4EDA-B258-C35F5EDA819E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:internet_security_suite_2008:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0281F80B-CF9C-482D-B7A9-3B2651BD0567",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:internet_security_suite_plus_2008:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33F7E184-EA23-487C-83ED-65CF8DD2DB18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:internet_security_suite_plus_2009:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "951062B1-C72B-4EAF-BA54-6986434036FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*",
              "matchCriteriaId": "47C10BA4-B241-4F65-8FA1-AD88266C03B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*",
              "matchCriteriaId": "253A8082-9AE4-4049-A1D0-B7ACB5C2E8D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:protection_suites:r3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC845898-3D77-4793-971E-5E1555ED9CDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:threat_manager:8.1:*:enterprise:*:*:*:*:*",
              "matchCriteriaId": "0115D81C-2CA2-424C-BE4B-0896C9ADA68E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:threat_manager:r8:*:enterprise:*:*:*:*:*",
              "matchCriteriaId": "A38801CD-167E-408E-89BD-52BB1B89041B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:threat_manager_total_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6AEE8BC-8D0E-464F-88B7-5C2C2D372AFA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ca:arcserve_backup:r11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8713893-59CE-486A-9262-E755A8F2D58C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8275AC1-81C5-4D9F-A61B-1A908BDDE0F7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el componente arclib en el motor Anti-Virus en CA Anti-Virus para Enterprise (formalmente eTrust Antivirus) v7.1 hasta v8.1; Anti-Virus 2007 (v8) hasta 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) hasta Plus 2009; y otros productos CA permite a atacantes remotos causar una denegaci\u00f3n de servicio y ejecutar probablemente c\u00f3digo de su elecci\u00f3n a trav\u00e9s del archivo RAR manipulado que provoca una corrupci\u00f3n de la memoria din\u00e1mica, una vulnerabilidad diferente que CVE-2009-3588."
    }
  ],
  "id": "CVE-2009-3587",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-10-13T10:30:00.610",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/58691"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/36976"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/36653"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1022999"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2852"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/58691"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/36976"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/36653"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1022999"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2009-3588

Vulnerability from fkie_nvd - Published: 2009-10-13 10:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/36976	Vendor Advisory
cve@mitre.org	http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/archive/1/507068/100/0/threaded	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securityfocus.com/bid/36653	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id?1022999	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.vupen.com/english/advisories/2009/2852	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/53698	VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36976	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/507068/100/0/threaded	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/36653	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1022999	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/2852	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/53698	VDB Entry

Impacted products

Vendor	Product	Version
broadcom	anti-virus	2007
broadcom	anti-virus	2008
broadcom	anti-virus_for_the_enterprise	7.1
broadcom	anti-virus_for_the_enterprise	r8
broadcom	anti-virus_sdk	*
broadcom	common_services	11
broadcom	common_services	11.1
broadcom	etrust_antivirus	7.1
broadcom	etrust_antivirus	8
broadcom	etrust_antivirus	8.1
broadcom	etrust_integrated_threat_management	8.1
broadcom	etrust_intrusion_detection	3.0
broadcom	etrust_secure_content_manager	1.1
broadcom	internet_security_suite	*
broadcom	internet_security_suite	3.0
broadcom	network_and_systems_management	r3.0
broadcom	network_and_systems_management	r3.1
broadcom	network_and_systems_management	r11
broadcom	network_and_systems_management	r11.1
broadcom	secure_content_manager	1.1
broadcom	secure_content_manager	8.0
broadcom	unicenter_network_and_systems_management	3.0
broadcom	unicenter_network_and_systems_management	3.1
broadcom	unicenter_network_and_systems_management	11
broadcom	unicenter_network_and_systems_management	11.1
ca	anti-virus	2009
ca	anti-virus_for_the_enterprise	r8.1
ca	anti-virus_gateway	7.1
ca	anti-virus_plus	2009
ca	arcserve_for_windows_client_agent	*
ca	arcserve_for_windows_server_component	*
ca	common_services	3.1
ca	etrust_anti-virus_gateway	7.1
ca	etrust_anti-virus_sdk	*
ca	etrust_ez_antivirus	r7.1
ca	etrust_intrusion_detection	2.0
ca	etrust_intrusion_detection	3.0
ca	etrust_secure_content_manager	8.0
ca	gateway_security	r8.1
ca	internet_security_suite_2008	*
ca	internet_security_suite_plus_2008	*
ca	internet_security_suite_plus_2009	*
ca	protection_suites	r2
ca	protection_suites	r3
ca	protection_suites	r3.1
ca	threat_manager	8.1
ca	threat_manager	r8
ca	threat_manager_total_defense	*
broadcom	arcserve_backup	r12.0
broadcom	arcserve_backup	r12.0
ca	arcserve_backup	r11.5
microsoft	windows	*
ca	arcserve_backup	r11.1
ca	arcserve_backup	r11.5
linux	linux_kernel	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus:2007:8:*:*:*:*:*:*",
              "matchCriteriaId": "C469EBBE-EE96-4CED-BD8C-36461750C6A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C5E892B-0EE8-4B76-97B8-0BAF17E83F49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "607CCBDA-7288-4496-A7ED-EF6DED40CA21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:r8:*:*:*:*:*:*:*",
              "matchCriteriaId": "11BCD267-E8CE-4A97-B769-5F4CAF9830D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "865B7BD2-3AD1-41CA-842B-47BC4F1426DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:common_services:11:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E2FA702-184A-44FF-8DEA-7811804EE175",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:common_services:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D301B65D-A20B-4991-A0D8-DFE3363F162B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A08C715-A351-466D-99EC-006C106A3366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_antivirus:8:*:*:*:*:*:*:*",
              "matchCriteriaId": "05185A74-8484-419D-A3CE-8603928AF0DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_antivirus:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52C533CA-ACB7-4C0F-98E2-B5E51E24A554",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FD8D5F0-9606-4BBA-B7F9-ACD089B84DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DDF2EE3-753B-4C7E-84EF-144FA5986A21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "69184A5E-4FA9-4896-B6E8-1B9D4D62D099",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:internet_security_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F30C4FF9-DB76-4B3F-9582-752097B3D521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "285013A5-E058-4B2B-B8B6-1BFF72388589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF55705-42ED-4503-8534-FDEA365E84E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB548763-E1A7-4DB1-BE86-ED5AA1CA81BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B28429A-F343-4BE8-A94D-5A5AC3F6258C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF64064-1C35-4888-BBC2-52F68EF9517F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:secure_content_manager:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DADD1E6-3454-4C1E-AD46-82D79CB8F528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:secure_content_manager:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E02DA21-B25B-4626-BFDC-61AA8AF3537E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE9C8A1C-0A55-4CA5-9BB6-2D03EFCFE699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EFA39E3-A614-4A64-B29C-86D6F12F1557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B4434A4-EE82-46A1-9293-345991515369",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43CD3B48-C978-4FDB-B157-85F3E971446B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:anti-virus:2009:*:*:*:*:*:*:*",
              "matchCriteriaId": "6050CADE-7BAF-45B7-A031-F70558C7CE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:anti-virus_for_the_enterprise:r8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0186ADA-0E20-4E14-B9D5-19CDFC1BD98F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:anti-virus_gateway:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD75FF0F-A36C-40AF-A99E-1596A6A6FE2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:anti-virus_plus:2009:*:*:*:*:*:*:*",
              "matchCriteriaId": "BED8CEF9-6AEC-4771-98F7-051E4B3E0848",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:arcserve_for_windows_client_agent:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5603FDAD-A347-4A44-BC45-1ADC44601D65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:arcserve_for_windows_server_component:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5086D7CF-EBAB-4E30-98E0-0D276CC1C707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:common_services:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FAD043E-3ABE-46D7-AD17-A68858692A7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_anti-virus_gateway:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C13B0E1-DCEE-46E5-81A3-C08C07C58B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_anti-virus_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "257CC950-F1BB-4D0A-9B05-98A58DB67532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_ez_antivirus:r7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0A641A2-4147-4C41-B102-18417ECA9339",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_intrusion_detection:2.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "29FEABEE-DC17-4620-B088-B24249865931",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "D10B864B-AA39-4702-A42B-F33BAF2D8059",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB54A16-5E56-46FC-A49C-56C98C0B8F1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:gateway_security:r8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B44F941C-83DC-4EDA-B258-C35F5EDA819E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:internet_security_suite_2008:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0281F80B-CF9C-482D-B7A9-3B2651BD0567",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:internet_security_suite_plus_2008:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33F7E184-EA23-487C-83ED-65CF8DD2DB18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:internet_security_suite_plus_2009:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "951062B1-C72B-4EAF-BA54-6986434036FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*",
              "matchCriteriaId": "47C10BA4-B241-4F65-8FA1-AD88266C03B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*",
              "matchCriteriaId": "253A8082-9AE4-4049-A1D0-B7ACB5C2E8D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:protection_suites:r3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC845898-3D77-4793-971E-5E1555ED9CDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:threat_manager:8.1:*:enterprise:*:*:*:*:*",
              "matchCriteriaId": "0115D81C-2CA2-424C-BE4B-0896C9ADA68E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:threat_manager:r8:*:enterprise:*:*:*:*:*",
              "matchCriteriaId": "A38801CD-167E-408E-89BD-52BB1B89041B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:threat_manager_total_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6AEE8BC-8D0E-464F-88B7-5C2C2D372AFA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:broadcom:arcserve_backup:r12.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "0486108C-E36C-4746-919E-C760E10EBAE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:arcserve_backup:r12.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "CD2F60F0-E8B8-46E6-932E-DF9F4457B47C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8275AC1-81C5-4D9F-A61B-1A908BDDE0F7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ca:arcserve_backup:r11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8713893-59CE-486A-9262-E755A8F2D58C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8275AC1-81C5-4D9F-A61B-1A908BDDE0F7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad inespec\u00edfica en el componente arclib en el motor antivirus en CA Anti-Virus para empresas (anteriormente eTrust Antivirus) desde v7.1 hasta r8.1; Anti-Virus desde 2007 (v8) hasta 2009; eTrust EZ Antivirus r7.1; Internet Security Suite desde 2007 (v3) hasta Plus 2009; y otros productos de CA permite a atacantes remotos producir una denegaci\u00f3n de servicio a trav\u00e9s de un archivo RAR manipulado que inicia la corrupci\u00f3n de la pila, una vulnerabilidad diferente que CVE-2009-3587."
    }
  ],
  "id": "CVE-2009-3588",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-10-13T10:30:00.627",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36976"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/36653"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1022999"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2852"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53698"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36976"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/36653"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1022999"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53698"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2008-2926

Vulnerability from fkie_nvd - Published: 2008-08-12 23:41 - Updated: 2025-04-09 00:30

Severity ?

Summary

The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/31434	Patch, Vendor Advisory
cve@mitre.org	http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559
cve@mitre.org	http://www.securityfocus.com/archive/1/495397/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/30651
cve@mitre.org	http://www.securitytracker.com/id?1020658
cve@mitre.org	http://www.securitytracker.com/id?1020659
cve@mitre.org	http://www.securitytracker.com/id?1020660
cve@mitre.org	http://www.vupen.com/english/advisories/2008/2339
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/44392
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31434	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/495397/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/30651
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1020658
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1020659
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1020660
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/2339
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/44392

Impacted products

Vendor	Product	Version
broadcom	internet_security_suite	3.0
ca	host_based_intrusion_prevention_system	r8
ca	internet_security_suite_2008	*
ca	personal_firewall_2007	*
ca	personal_firewall_2008	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "285013A5-E058-4B2B-B8B6-1BFF72388589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:host_based_intrusion_prevention_system:r8:*:*:*:*:*:*:*",
              "matchCriteriaId": "051FF92A-292B-4F5F-929C-4F0E654F4B87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:internet_security_suite_2008:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0281F80B-CF9C-482D-B7A9-3B2651BD0567",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:personal_firewall_2007:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DFE4A13-0C9A-44A9-B74F-7E87D0F8DE4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:personal_firewall_2008:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "853DBC05-6624-43CD-A9E3-65F93B58BB99",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request."
    },
    {
      "lang": "es",
      "value": "El Controlador kmxfw.sys en el Sistema de prevenci\u00f3n de intrusiones basado en Host (Host-Based Intrusion Prevention System) r8 (HIPS-r8), como el utilizado en CA Internet Security Suite and Personal Firewall, no verifica de forma adecuada las peticiones IOCTL, lo que permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema) o posiblemente, obtengan privilegios a trav\u00e9s de peticiones manipuladas.\r\n\r\n"
    }
  ],
  "id": "CVE-2008-2926",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-08-12T23:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31434"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/495397/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/30651"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1020658"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1020659"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1020660"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/2339"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44392"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31434"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/495397/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/30651"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020659"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020660"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2339"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44392"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2007-3875

Vulnerability from fkie_nvd - Published: 2007-07-26 00:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file.

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567	Patch
cve@mitre.org	http://secunia.com/advisories/26155	Patch, Vendor Advisory
cve@mitre.org	http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp	Patch
cve@mitre.org	http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847
cve@mitre.org	http://www.securityfocus.com/archive/1/474601/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/474605/100/100/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/474683/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/25049	Patch
cve@mitre.org	http://www.securitytracker.com/id?1018450
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2639
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/35573
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26155	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/474601/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/474605/100/100/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/474683/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/25049	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018450
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2639
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/35573

Impacted products

Vendor	Product	Version
broadcom	anti-spyware	2007
broadcom	anti-virus_for_the_enterprise	*
broadcom	anti-virus_for_the_enterprise	7.0
broadcom	anti-virus_for_the_enterprise	7.1
broadcom	anti-virus_for_the_enterprise	8
broadcom	anti-virus_for_the_enterprise	8.1
broadcom	anti_virus_sdk	*
broadcom	antispyware_for_the_enterprise	8
broadcom	antispyware_for_the_enterprise	8.1
broadcom	antivirus_sdk	*
broadcom	brightstor_arcserve_backup	9.01
broadcom	brightstor_arcserve_backup	11.1
broadcom	brightstor_arcserve_backup	11.5
broadcom	brightstor_arcserve_client	*
broadcom	brightstor_enterprise_backup	10.5
broadcom	brigthstor_arcserve_client_for_windows	*
broadcom	common_services	11
broadcom	common_services	11.1
broadcom	etrust_antivirus	8
broadcom	etrust_antivirus_gateway	7.1
broadcom	etrust_ez_antivirus	6.1
broadcom	etrust_ez_antivirus	7
broadcom	etrust_ez_armor	1
broadcom	etrust_ez_armor	2
broadcom	etrust_ez_armor	3
broadcom	etrust_internet_security_suite	1
broadcom	etrust_internet_security_suite	2
broadcom	etrust_intrusion_detection	2.0
broadcom	etrust_intrusion_detection	3.0
broadcom	internet_security_suite	3.0
broadcom	secure_content_manager	1.1
broadcom	secure_content_manager	8.0
broadcom	threat_manager	8
broadcom	unicenter_network_and_systems_management	3.0
broadcom	unicenter_network_and_systems_management	3.1
broadcom	unicenter_network_and_systems_management	11
broadcom	unicenter_network_and_systems_management	11.1
ca	brightstor_arcserve_backup	11
ca	etrust_intrusion_detection	3.0
ca	protection_suites	r2
ca	protection_suites	r3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:broadcom:anti-spyware:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "385B8B52-F5EA-4E13-A7EE-C2D1B694C785",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCCEAF14-75C0-4B4E-BACB-B84D69A276BA",
              "versionEndIncluding": "8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACA94302-1501-4744-8296-6A6CD763DC6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "607CCBDA-7288-4496-A7ED-EF6DED40CA21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B76576-ABB1-439E-80B0-0B5AAE14BA45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE175BB8-DF9B-4DA0-AD2F-885CC13BB812",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:anti_virus_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02D3C8C-D739-4538-8660-1ED99FFE673F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:antispyware_for_the_enterprise:8:*:*:*:*:*:*:*",
              "matchCriteriaId": "4545DACA-EFD3-4764-897B-844C010B49E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:antispyware_for_the_enterprise:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "877B83A0-A399-4B1A-9324-481DF04A104C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:antivirus_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B1A8FDA-3780-440A-BDAB-3BE11BF76951",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_client:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D546DEE1-E8A0-4321-AE5E-1DEEE719FC06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "78AA54EA-DAF1-4635-AA1B-E2E49C4BB597",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brigthstor_arcserve_client_for_windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "672B430D-3BE7-4BA0-A0A6-7ABED96DE892",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:common_services:11:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E2FA702-184A-44FF-8DEA-7811804EE175",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:common_services:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D301B65D-A20B-4991-A0D8-DFE3363F162B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_antivirus:8:*:*:*:*:*:*:*",
              "matchCriteriaId": "05185A74-8484-419D-A3CE-8603928AF0DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DD2FE1C-8894-41EC-B686-932F0ACC41C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7D938FC-E8E6-4709-BF6D-EF4833AF7D7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:7:*:*:*:*:*:*:*",
              "matchCriteriaId": "463CBA1F-89DC-4D24-8F27-276406D423ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:1:*:*:*:*:*:*:*",
              "matchCriteriaId": "330B61D3-302D-46A7-92F2-DF68B0BBB1B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2:*:*:*:*:*:*:*",
              "matchCriteriaId": "76D8B409-194E-4588-AE69-6E42090C443C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A1FDED6-7616-4F92-B660-47BE99EAD4E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_internet_security_suite:1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1CC5201-F780-42BD-B859-163E79E65FE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_internet_security_suite:2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5EF0113-DBFB-41F8-AE3F-B4B8C77ED159",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C00221F9-33EE-4221-A5B3-A1AE42A7B9D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DDF2EE3-753B-4C7E-84EF-144FA5986A21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "285013A5-E058-4B2B-B8B6-1BFF72388589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:secure_content_manager:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DADD1E6-3454-4C1E-AD46-82D79CB8F528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:secure_content_manager:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E02DA21-B25B-4626-BFDC-61AA8AF3537E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:threat_manager:8:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE8EE8B0-CAA6-46CB-8A8E-66F3FD49FEE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE9C8A1C-0A55-4CA5-9BB6-2D03EFCFE699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EFA39E3-A614-4A64-B29C-86D6F12F1557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B4434A4-EE82-46A1-9293-345991515369",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43CD3B48-C978-4FDB-B157-85F3E971446B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*",
              "matchCriteriaId": "6E236148-4A57-4FDC-A072-A77D3DD2DB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "D10B864B-AA39-4702-A42B-F33BAF2D8059",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*",
              "matchCriteriaId": "47C10BA4-B241-4F65-8FA1-AD88266C03B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*",
              "matchCriteriaId": "253A8082-9AE4-4049-A1D0-B7ACB5C2E8D3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid \"previous listing chunk number\" field in a CHM file."
    },
    {
      "lang": "es",
      "value": "arclib.dll anterior a 7.3.0.9 en CA Anti-Virus (formalmente eTrust Antivirus) 8 y otros ciertos productos CA permiten a atacantes remotos provocar denegaci\u00f3n de servicio (bucles infinitos y perdida de funcionalidad antivirus) a trav\u00e9s de un campo\"listado previo de un trozo de n\u00famero\" en un cierto archivo CHM."
    }
  ],
  "id": "CVE-2007-3875",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-07-26T00:30:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26155"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/474601/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/474605/100/100/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/25049"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018450"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2639"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35573"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26155"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/474601/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/474605/100/100/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/25049"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018450"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2639"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35573"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2007-2864

Vulnerability from fkie_nvd - Published: 2007-06-06 21:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/25570	Patch, Vendor Advisory
cve@mitre.org	http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp
cve@mitre.org	http://www.kb.cert.org/vuls/id/105105	US Government Resource
cve@mitre.org	http://www.osvdb.org/35245
cve@mitre.org	http://www.securityfocus.com/archive/1/470602/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/470754/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/24330	Patch
cve@mitre.org	http://www.securitytracker.com/id?1018199
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2072
cve@mitre.org	http://www.zerodayinitiative.com/advisories/ZDI-07-035.html
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/34737
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25570	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/105105	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/35245
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/470602/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/470754/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/24330	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018199
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2072
af854a3a-2127-422b-91ae-364da2661108	http://www.zerodayinitiative.com/advisories/ZDI-07-035.html
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/34737

Impacted products

Vendor	Product	Version
broadcom	anti-virus_for_the_enterprise	8
broadcom	brightstor_arcserve_backup	9.01
broadcom	brightstor_arcserve_backup	10.5
broadcom	brightstor_arcserve_backup	11
broadcom	brightstor_arcserve_backup	11.1
broadcom	brightstor_arcserve_backup	11.5
broadcom	common_services	1.0
broadcom	common_services	1.1
broadcom	common_services	2.0
broadcom	common_services	2.1
broadcom	common_services	2.2
broadcom	common_services	3.0
broadcom	etrust_antivirus	8.0
broadcom	etrust_antivirus	8.1
broadcom	etrust_antivirus_gateway	7.1
broadcom	etrust_antivirus_sdk	*
broadcom	etrust_ez_antivirus	6.1
broadcom	etrust_ez_antivirus	7.0
broadcom	etrust_ez_armor	1.0
broadcom	etrust_ez_armor	2.0
broadcom	etrust_ez_armor	3.0
broadcom	etrust_ez_armor	3.1
broadcom	integrated_threat_management	8.0
broadcom	internet_security_suite	1.0
broadcom	internet_security_suite	2.0
broadcom	internet_security_suite	3.0
broadcom	unicenter_network_and_systems_management	3.0
broadcom	unicenter_network_and_systems_management	3.1
broadcom	unicenter_network_and_systems_management	11
broadcom	unicenter_network_and_systems_management	11.1
ca	etrust_secure_content_manager	8.0
ca	protection_suites	r2
ca	protection_suites	r3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B76576-ABB1-439E-80B0-0B5AAE14BA45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "443AB333-2C99-42FF-8F4E-A487BF588E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C339825-77F9-478A-B1F7-A297D5715396",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:common_services:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A0DD264-59A8-4B76-8D7F-138AEA7B1912",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:common_services:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "062DB370-929D-4FE1-A925-2FB5706C9409",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:common_services:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D7957A4-D763-488F-B2B1-E00F428AD1AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:common_services:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F5A6578-902D-4D9F-AB19-C6484E878CEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:common_services:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2E79928-E5E2-42E5-9E09-58ADF9E76A74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:common_services:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7587982-C722-4754-8744-8C7D43E191B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_antivirus:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "71D3160D-539D-4E26-8B0B-C372315EE700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_antivirus:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52C533CA-ACB7-4C0F-98E2-B5E51E24A554",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DD2FE1C-8894-41EC-B686-932F0ACC41C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_antivirus_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4996345-E5B0-42E2-8592-41B9BC805740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7D938FC-E8E6-4709-BF6D-EF4833AF7D7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "538F7CEC-D8A8-444F-9A9C-D1FF01EA7450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "714BCFBA-B843-4C14-AA78-F7CF17899D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C61D9546-7619-465B-B3CA-C60218CD574B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "59035C39-14BA-4874-8874-75AA52D9AA38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4292DD3A-6B79-43E0-8D2F-267375A3CBF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:integrated_threat_management:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C167CC34-95AE-45CD-A1CE-64FF738DE25E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:internet_security_suite:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "74F3CAC8-447B-467B-87C1-DD565B41515A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:internet_security_suite:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B61BE84B-3BDA-489E-94E8-187A1B0F9281",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "285013A5-E058-4B2B-B8B6-1BFF72388589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE9C8A1C-0A55-4CA5-9BB6-2D03EFCFE699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EFA39E3-A614-4A64-B29C-86D6F12F1557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B4434A4-EE82-46A1-9293-345991515369",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43CD3B48-C978-4FDB-B157-85F3E971446B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB54A16-5E56-46FC-A49C-56C98C0B8F1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*",
              "matchCriteriaId": "47C10BA4-B241-4F65-8FA1-AD88266C03B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*",
              "matchCriteriaId": "253A8082-9AE4-4049-A1D0-B7ACB5C2E8D3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en el motor antivirus anterior a la actualizaci\u00f3n de contenido 30.6 de m\u00faltiples productos CA (antiguamente Computer Associates) permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n  mediante un valor largo no v\u00e1lido del campo coffFiles en un fichero .CAB."
    }
  ],
  "id": "CVE-2007-2864",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-06-06T21:30:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25570"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/105105"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/35245"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/470602/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/470754/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/24330"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018199"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2072"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-035.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34737"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25570"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/105105"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/35245"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/470602/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/470754/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/24330"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018199"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2072"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-035.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34737"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2006-6496

Vulnerability from fkie_nvd - Published: 2006-12-13 21:28 - Updated: 2025-04-09 00:30

Severity ?

Summary

The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus 2007 8.1, Anti-Virus for Vista Beta 8.2, and CA Internet Security Suite 2007 v3.0 do not properly handle NULL buffers, which allows local users with administrative access to cause a denial of service (system crash) via certain IOCTLs.

References

	URL	Tags
	cve@mitre.org	http://crm.my-etrust.com/CIDocument.asp?KDId=2651&GUID=9FD7E4F8362C4A168D88B4FFA34DCB4C
	cve@mitre.org	http://secunia.com/advisories/23378
	cve@mitre.org	http://securitytracker.com/id?1017381
	cve@mitre.org	http://securitytracker.com/id?1017382
	cve@mitre.org	http://www.osvdb.org/30845
	cve@mitre.org	http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=41
	cve@mitre.org	http://www.securityfocus.com/archive/1/454420/100/0/threaded
	cve@mitre.org	http://www.securityfocus.com/bid/21593
	cve@mitre.org	http://www.vupen.com/english/advisories/2006/5010
	cve@mitre.org	http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34870
	cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/30909
	af854a3a-2127-422b-91ae-364da2661108	http://crm.my-etrust.com/CIDocument.asp?KDId=2651&GUID=9FD7E4F8362C4A168D88B4FFA34DCB4C
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23378
	af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1017381
	af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1017382
	af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/30845
	af854a3a-2127-422b-91ae-364da2661108	http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=41
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/454420/100/0/threaded
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/21593
	af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/5010
	af854a3a-2127-422b-91ae-364da2661108	http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34870
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/30909

Impacted products

Vendor	Product	Version
broadcom	etrust_antivirus	8.1
broadcom	etrust_antivirus	8.2
broadcom	internet_security_suite	3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_antivirus:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52C533CA-ACB7-4C0F-98E2-B5E51E24A554",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_antivirus:8.2:beta:*:*:*:*:*:*",
              "matchCriteriaId": "8027330E-3E6D-496D-8277-0279145679FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "285013A5-E058-4B2B-B8B6-1BFF72388589",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus 2007 8.1, Anti-Virus for Vista Beta 8.2, and CA Internet Security Suite 2007 v3.0 do not properly handle NULL buffers, which allows local users with administrative access to cause a denial of service (system crash) via certain IOCTLs."
    },
    {
      "lang": "es",
      "value": "Los controladores de dispositivo (1) VetMONNT.sys y (2) VetFDDNT.sys de CA Anti-Virus 2007 8.1, Anti-Virus para Vista Beta 8.2 y CA Internet Security Suite 2007 v3.0 no gestionan apropiadamente b\u00faferes Null, lo cual permite a usuarios locales con acceso de administrados provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema) mediante IOCTLs concretos."
    }
  ],
  "id": "CVE-2006-6496",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 2.7,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-12-13T21:28:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://crm.my-etrust.com/CIDocument.asp?KDId=2651\u0026GUID=9FD7E4F8362C4A168D88B4FFA34DCB4C"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/23378"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1017381"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1017382"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/30845"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=41"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/454420/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/21593"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/5010"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34870"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30909"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://crm.my-etrust.com/CIDocument.asp?KDId=2651\u0026GUID=9FD7E4F8362C4A168D88B4FFA34DCB4C"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/23378"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1017381"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1017382"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/30845"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=41"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/454420/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/21593"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/5010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34870"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30909"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2009-3587 (GCVE-0-2009-3587)

Vulnerability from cvelistv5 – Published: 2009-10-13 10:00 – Updated: 2024-08-07 06:31

Summary

Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://support.ca.com/irj/portal/anonymous/phpsup…	x_refsource_CONFIRM
	http://osvdb.org/58691	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/36976	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id?1022999	vdb-entryx_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2009/2852	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/archive/1/507068/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/36653	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:31:10.544Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
          },
          {
            "name": "58691",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/58691"
          },
          {
            "name": "36976",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36976"
          },
          {
            "name": "1022999",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022999"
          },
          {
            "name": "ADV-2009-2852",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2852"
          },
          {
            "name": "ca-rar-code-execution(53697)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
          },
          {
            "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
          },
          {
            "name": "36653",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36653"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
        },
        {
          "name": "58691",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/58691"
        },
        {
          "name": "36976",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36976"
        },
        {
          "name": "1022999",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022999"
        },
        {
          "name": "ADV-2009-2852",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2852"
        },
        {
          "name": "ca-rar-code-execution(53697)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
        },
        {
          "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
        },
        {
          "name": "36653",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36653"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-3587",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878",
              "refsource": "CONFIRM",
              "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
            },
            {
              "name": "58691",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/58691"
            },
            {
              "name": "36976",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36976"
            },
            {
              "name": "1022999",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022999"
            },
            {
              "name": "ADV-2009-2852",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/2852"
            },
            {
              "name": "ca-rar-code-execution(53697)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
            },
            {
              "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
            },
            {
              "name": "36653",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/36653"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-3587",
    "datePublished": "2009-10-13T10:00:00",
    "dateReserved": "2009-10-08T00:00:00",
    "dateUpdated": "2024-08-07T06:31:10.544Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-3588 (GCVE-0-2009-3588)

Vulnerability from cvelistv5 – Published: 2009-10-13 10:00 – Updated: 2024-08-07 06:31

Summary

Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://support.ca.com/irj/portal/anonymous/phpsup…	x_refsource_CONFIRM
	http://secunia.com/advisories/36976	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id?1022999	vdb-entryx_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2009/2852	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/507068/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/36653	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:31:10.558Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ca-rar-dos(53698)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53698"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
          },
          {
            "name": "36976",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36976"
          },
          {
            "name": "1022999",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022999"
          },
          {
            "name": "ADV-2009-2852",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2852"
          },
          {
            "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
          },
          {
            "name": "36653",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36653"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ca-rar-dos(53698)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53698"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
        },
        {
          "name": "36976",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36976"
        },
        {
          "name": "1022999",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022999"
        },
        {
          "name": "ADV-2009-2852",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2852"
        },
        {
          "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
        },
        {
          "name": "36653",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36653"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-3588",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ca-rar-dos(53698)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53698"
            },
            {
              "name": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878",
              "refsource": "CONFIRM",
              "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
            },
            {
              "name": "36976",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36976"
            },
            {
              "name": "1022999",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022999"
            },
            {
              "name": "ADV-2009-2852",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/2852"
            },
            {
              "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
            },
            {
              "name": "36653",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/36653"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-3588",
    "datePublished": "2009-10-13T10:00:00",
    "dateReserved": "2009-10-08T00:00:00",
    "dateUpdated": "2024-08-07T06:31:10.558Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-2926 (GCVE-0-2008-2926)

Vulnerability from cvelistv5 – Published: 2008-08-12 23:00 – Updated: 2024-08-07 09:21

Summary

The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.vupen.com/english/advisories/2008/2339	vdb-entryx_refsource_VUPEN
	http://www.securitytracker.com/id?1020660	vdb-entryx_refsource_SECTRACK
	http://www.ca.com/us/securityadvisor/vulninfo/vul…	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/495397/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/31434	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id?1020658	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/30651	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securitytracker.com/id?1020659	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:21:34.505Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2008-2339",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2339"
          },
          {
            "name": "1020660",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020660"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"
          },
          {
            "name": "20080812 CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/495397/100/0/threaded"
          },
          {
            "name": "31434",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31434"
          },
          {
            "name": "1020658",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020658"
          },
          {
            "name": "30651",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/30651"
          },
          {
            "name": "ca-kmxfw-privilege-escalation(44392)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44392"
          },
          {
            "name": "1020659",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020659"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-08-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2008-2339",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2339"
        },
        {
          "name": "1020660",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020660"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"
        },
        {
          "name": "20080812 CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/495397/100/0/threaded"
        },
        {
          "name": "31434",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31434"
        },
        {
          "name": "1020658",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020658"
        },
        {
          "name": "30651",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/30651"
        },
        {
          "name": "ca-kmxfw-privilege-escalation(44392)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44392"
        },
        {
          "name": "1020659",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020659"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-2926",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2008-2339",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2339"
            },
            {
              "name": "1020660",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020660"
            },
            {
              "name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559",
              "refsource": "CONFIRM",
              "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"
            },
            {
              "name": "20080812 CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/495397/100/0/threaded"
            },
            {
              "name": "31434",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31434"
            },
            {
              "name": "1020658",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020658"
            },
            {
              "name": "30651",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/30651"
            },
            {
              "name": "ca-kmxfw-privilege-escalation(44392)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44392"
            },
            {
              "name": "1020659",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020659"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-2926",
    "datePublished": "2008-08-12T23:00:00",
    "dateReserved": "2008-06-30T00:00:00",
    "dateUpdated": "2024-08-07T09:21:34.505Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-3875 (GCVE-0-2007-3875)

Vulnerability from cvelistv5 – Published: 2007-07-26 00:00 – Updated: 2024-08-07 14:37

Summary

arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.securitytracker.com/id?1018450	vdb-entryx_refsource_SECTRACK
	http://www.ca.com/us/securityadvisor/newsinfo/col…	x_refsource_CONFIRM
	http://labs.idefense.com/intelligence/vulnerabili…	third-party-advisoryx_refsource_IDEFENSE
	http://www.securityfocus.com/archive/1/474605/100…	mailing-listx_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2007/2639	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/474601/100…	mailing-listx_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/archive/1/474683/100…	mailing-listx_refsource_BUGTRAQ
	http://supportconnectw.ca.com/public/antivirus/in…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/25049	vdb-entryx_refsource_BID
	http://secunia.com/advisories/26155	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:37:04.196Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1018450",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018450"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847"
          },
          {
            "name": "20070724 Computer Associates AntiVirus CHM File Handling DoS Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567"
          },
          {
            "name": "20070725 n.runs-SA-2007.024 - CA eTrust Antivirus Infinite Loop DoS (remote) Advisory",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/474605/100/100/threaded"
          },
          {
            "name": "ADV-2007-2639",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2639"
          },
          {
            "name": "20070725 [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/474601/100/0/threaded"
          },
          {
            "name": "ca-arclib-chm-dos(35573)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35573"
          },
          {
            "name": "20070726 RE: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp"
          },
          {
            "name": "25049",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25049"
          },
          {
            "name": "26155",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26155"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-07-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid \"previous listing chunk number\" field in a CHM file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1018450",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018450"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847"
        },
        {
          "name": "20070724 Computer Associates AntiVirus CHM File Handling DoS Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567"
        },
        {
          "name": "20070725 n.runs-SA-2007.024 - CA eTrust Antivirus Infinite Loop DoS (remote) Advisory",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/474605/100/100/threaded"
        },
        {
          "name": "ADV-2007-2639",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2639"
        },
        {
          "name": "20070725 [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/474601/100/0/threaded"
        },
        {
          "name": "ca-arclib-chm-dos(35573)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35573"
        },
        {
          "name": "20070726 RE: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp"
        },
        {
          "name": "25049",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25049"
        },
        {
          "name": "26155",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26155"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3875",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid \"previous listing chunk number\" field in a CHM file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1018450",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018450"
            },
            {
              "name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847",
              "refsource": "CONFIRM",
              "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847"
            },
            {
              "name": "20070724 Computer Associates AntiVirus CHM File Handling DoS Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567"
            },
            {
              "name": "20070725 n.runs-SA-2007.024 - CA eTrust Antivirus Infinite Loop DoS (remote) Advisory",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/474605/100/100/threaded"
            },
            {
              "name": "ADV-2007-2639",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2639"
            },
            {
              "name": "20070725 [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/474601/100/0/threaded"
            },
            {
              "name": "ca-arclib-chm-dos(35573)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35573"
            },
            {
              "name": "20070726 RE: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
            },
            {
              "name": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp",
              "refsource": "CONFIRM",
              "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp"
            },
            {
              "name": "25049",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25049"
            },
            {
              "name": "26155",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26155"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3875",
    "datePublished": "2007-07-26T00:00:00",
    "dateReserved": "2007-07-18T00:00:00",
    "dateUpdated": "2024-08-07T14:37:04.196Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-2864 (GCVE-0-2007-2864)

Vulnerability from cvelistv5 – Published: 2007-06-06 21:00 – Updated: 2024-08-07 13:57

Summary

Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/24330	vdb-entryx_refsource_BID
	http://www.securityfocus.com/archive/1/470602/100…	mailing-listx_refsource_BUGTRAQ
	http://supportconnectw.ca.com/public/antivirus/in…	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/105105	third-party-advisoryx_refsource_CERT-VN
	http://www.vupen.com/english/advisories/2007/2072	vdb-entryx_refsource_VUPEN
	http://www.zerodayinitiative.com/advisories/ZDI-0…	x_refsource_MISC
	http://www.securityfocus.com/archive/1/470754/100…	mailing-listx_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securitytracker.com/id?1018199	vdb-entryx_refsource_SECTRACK
	http://www.osvdb.org/35245	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/25570	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:57:54.318Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "24330",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24330"
          },
          {
            "name": "20070605 ZDI-07-035: CA Multiple Product AV Engine CAB Header Parsing Stack Overflow Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/470602/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp"
          },
          {
            "name": "VU#105105",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/105105"
          },
          {
            "name": "ADV-2007-2072",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2072"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-035.html"
          },
          {
            "name": "20070607 [CAID 35395, 35396]: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/470754/100/0/threaded"
          },
          {
            "name": "ca-multiple-antivirus-cofffiles-bo(34737)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34737"
          },
          {
            "name": "1018199",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018199"
          },
          {
            "name": "35245",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/35245"
          },
          {
            "name": "25570",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25570"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-06-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "24330",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24330"
        },
        {
          "name": "20070605 ZDI-07-035: CA Multiple Product AV Engine CAB Header Parsing Stack Overflow Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/470602/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp"
        },
        {
          "name": "VU#105105",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/105105"
        },
        {
          "name": "ADV-2007-2072",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2072"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-035.html"
        },
        {
          "name": "20070607 [CAID 35395, 35396]: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/470754/100/0/threaded"
        },
        {
          "name": "ca-multiple-antivirus-cofffiles-bo(34737)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34737"
        },
        {
          "name": "1018199",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018199"
        },
        {
          "name": "35245",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/35245"
        },
        {
          "name": "25570",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25570"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2864",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "24330",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24330"
            },
            {
              "name": "20070605 ZDI-07-035: CA Multiple Product AV Engine CAB Header Parsing Stack Overflow Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/470602/100/0/threaded"
            },
            {
              "name": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp",
              "refsource": "CONFIRM",
              "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp"
            },
            {
              "name": "VU#105105",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/105105"
            },
            {
              "name": "ADV-2007-2072",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2072"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-035.html",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-035.html"
            },
            {
              "name": "20070607 [CAID 35395, 35396]: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/470754/100/0/threaded"
            },
            {
              "name": "ca-multiple-antivirus-cofffiles-bo(34737)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34737"
            },
            {
              "name": "1018199",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018199"
            },
            {
              "name": "35245",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/35245"
            },
            {
              "name": "25570",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25570"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2864",
    "datePublished": "2007-06-06T21:00:00",
    "dateReserved": "2007-05-24T00:00:00",
    "dateUpdated": "2024-08-07T13:57:54.318Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-6496 (GCVE-0-2006-6496)

Vulnerability from cvelistv5 – Published: 2006-12-13 21:00 – Updated: 2024-08-07 20:26

Summary

The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus 2007 8.1, Anti-Virus for Vista Beta 8.2, and CA Internet Security Suite 2007 v3.0 do not properly handle NULL buffers, which allows local users with administrative access to cause a denial of service (system crash) via certain IOCTLs.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www3.ca.com/securityadvisor/vulninfo/vuln.…	x_refsource_CONFIRM
	http://crm.my-etrust.com/CIDocument.asp?KDId=2651…	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/454420/100…	mailing-listx_refsource_BUGTRAQ
	http://www.reversemode.com/index.php?option=com_r…	x_refsource_MISC
	http://www.osvdb.org/30845	vdb-entryx_refsource_OSVDB
	http://www.securityfocus.com/bid/21593	vdb-entryx_refsource_BID
	http://securitytracker.com/id?1017382	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/23378	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/5010	vdb-entryx_refsource_VUPEN
	http://securitytracker.com/id?1017381	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:26:46.511Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34870"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://crm.my-etrust.com/CIDocument.asp?KDId=2651\u0026GUID=9FD7E4F8362C4A168D88B4FFA34DCB4C"
          },
          {
            "name": "20061214 [CAID 34870]: CA Anti-Virus vetfddnt.sys, vetmonnt.sys Local Denial of Service Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/454420/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=41"
          },
          {
            "name": "30845",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/30845"
          },
          {
            "name": "21593",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/21593"
          },
          {
            "name": "1017382",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1017382"
          },
          {
            "name": "ca-vetmonnt-vetfddnt-dos(30909)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30909"
          },
          {
            "name": "23378",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23378"
          },
          {
            "name": "ADV-2006-5010",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/5010"
          },
          {
            "name": "1017381",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1017381"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-12-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus 2007 8.1, Anti-Virus for Vista Beta 8.2, and CA Internet Security Suite 2007 v3.0 do not properly handle NULL buffers, which allows local users with administrative access to cause a denial of service (system crash) via certain IOCTLs."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34870"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://crm.my-etrust.com/CIDocument.asp?KDId=2651\u0026GUID=9FD7E4F8362C4A168D88B4FFA34DCB4C"
        },
        {
          "name": "20061214 [CAID 34870]: CA Anti-Virus vetfddnt.sys, vetmonnt.sys Local Denial of Service Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/454420/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=41"
        },
        {
          "name": "30845",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/30845"
        },
        {
          "name": "21593",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/21593"
        },
        {
          "name": "1017382",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1017382"
        },
        {
          "name": "ca-vetmonnt-vetfddnt-dos(30909)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30909"
        },
        {
          "name": "23378",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23378"
        },
        {
          "name": "ADV-2006-5010",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/5010"
        },
        {
          "name": "1017381",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1017381"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-6496",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus 2007 8.1, Anti-Virus for Vista Beta 8.2, and CA Internet Security Suite 2007 v3.0 do not properly handle NULL buffers, which allows local users with administrative access to cause a denial of service (system crash) via certain IOCTLs."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34870",
              "refsource": "CONFIRM",
              "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34870"
            },
            {
              "name": "http://crm.my-etrust.com/CIDocument.asp?KDId=2651\u0026GUID=9FD7E4F8362C4A168D88B4FFA34DCB4C",
              "refsource": "CONFIRM",
              "url": "http://crm.my-etrust.com/CIDocument.asp?KDId=2651\u0026GUID=9FD7E4F8362C4A168D88B4FFA34DCB4C"
            },
            {
              "name": "20061214 [CAID 34870]: CA Anti-Virus vetfddnt.sys, vetmonnt.sys Local Denial of Service Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/454420/100/0/threaded"
            },
            {
              "name": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=41",
              "refsource": "MISC",
              "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=41"
            },
            {
              "name": "30845",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/30845"
            },
            {
              "name": "21593",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/21593"
            },
            {
              "name": "1017382",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1017382"
            },
            {
              "name": "ca-vetmonnt-vetfddnt-dos(30909)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30909"
            },
            {
              "name": "23378",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23378"
            },
            {
              "name": "ADV-2006-5010",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/5010"
            },
            {
              "name": "1017381",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1017381"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-6496",
    "datePublished": "2006-12-13T21:00:00",
    "dateReserved": "2006-12-13T00:00:00",
    "dateUpdated": "2024-08-07T20:26:46.511Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-3587 (GCVE-0-2009-3587)

Vulnerability from nvd – Published: 2009-10-13 10:00 – Updated: 2024-08-07 06:31

Summary

Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://support.ca.com/irj/portal/anonymous/phpsup…	x_refsource_CONFIRM
	http://osvdb.org/58691	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/36976	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id?1022999	vdb-entryx_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2009/2852	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/archive/1/507068/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/36653	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:31:10.544Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
          },
          {
            "name": "58691",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/58691"
          },
          {
            "name": "36976",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36976"
          },
          {
            "name": "1022999",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022999"
          },
          {
            "name": "ADV-2009-2852",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2852"
          },
          {
            "name": "ca-rar-code-execution(53697)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
          },
          {
            "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
          },
          {
            "name": "36653",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36653"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
        },
        {
          "name": "58691",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/58691"
        },
        {
          "name": "36976",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36976"
        },
        {
          "name": "1022999",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022999"
        },
        {
          "name": "ADV-2009-2852",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2852"
        },
        {
          "name": "ca-rar-code-execution(53697)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
        },
        {
          "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
        },
        {
          "name": "36653",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36653"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-3587",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878",
              "refsource": "CONFIRM",
              "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
            },
            {
              "name": "58691",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/58691"
            },
            {
              "name": "36976",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36976"
            },
            {
              "name": "1022999",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022999"
            },
            {
              "name": "ADV-2009-2852",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/2852"
            },
            {
              "name": "ca-rar-code-execution(53697)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
            },
            {
              "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
            },
            {
              "name": "36653",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/36653"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-3587",
    "datePublished": "2009-10-13T10:00:00",
    "dateReserved": "2009-10-08T00:00:00",
    "dateUpdated": "2024-08-07T06:31:10.544Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-3588 (GCVE-0-2009-3588)

Vulnerability from nvd – Published: 2009-10-13 10:00 – Updated: 2024-08-07 06:31

Summary

Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://support.ca.com/irj/portal/anonymous/phpsup…	x_refsource_CONFIRM
	http://secunia.com/advisories/36976	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id?1022999	vdb-entryx_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2009/2852	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/507068/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/36653	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:31:10.558Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ca-rar-dos(53698)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53698"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
          },
          {
            "name": "36976",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36976"
          },
          {
            "name": "1022999",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022999"
          },
          {
            "name": "ADV-2009-2852",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2852"
          },
          {
            "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
          },
          {
            "name": "36653",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36653"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ca-rar-dos(53698)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53698"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
        },
        {
          "name": "36976",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36976"
        },
        {
          "name": "1022999",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022999"
        },
        {
          "name": "ADV-2009-2852",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2852"
        },
        {
          "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
        },
        {
          "name": "36653",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36653"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-3588",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ca-rar-dos(53698)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53698"
            },
            {
              "name": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878",
              "refsource": "CONFIRM",
              "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
            },
            {
              "name": "36976",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36976"
            },
            {
              "name": "1022999",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022999"
            },
            {
              "name": "ADV-2009-2852",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/2852"
            },
            {
              "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
            },
            {
              "name": "36653",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/36653"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-3588",
    "datePublished": "2009-10-13T10:00:00",
    "dateReserved": "2009-10-08T00:00:00",
    "dateUpdated": "2024-08-07T06:31:10.558Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-2926 (GCVE-0-2008-2926)

Vulnerability from nvd – Published: 2008-08-12 23:00 – Updated: 2024-08-07 09:21

Summary

The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.vupen.com/english/advisories/2008/2339	vdb-entryx_refsource_VUPEN
	http://www.securitytracker.com/id?1020660	vdb-entryx_refsource_SECTRACK
	http://www.ca.com/us/securityadvisor/vulninfo/vul…	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/495397/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/31434	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id?1020658	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/30651	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securitytracker.com/id?1020659	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:21:34.505Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2008-2339",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2339"
          },
          {
            "name": "1020660",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020660"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"
          },
          {
            "name": "20080812 CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/495397/100/0/threaded"
          },
          {
            "name": "31434",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31434"
          },
          {
            "name": "1020658",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020658"
          },
          {
            "name": "30651",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/30651"
          },
          {
            "name": "ca-kmxfw-privilege-escalation(44392)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44392"
          },
          {
            "name": "1020659",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020659"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-08-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2008-2339",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2339"
        },
        {
          "name": "1020660",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020660"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"
        },
        {
          "name": "20080812 CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/495397/100/0/threaded"
        },
        {
          "name": "31434",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31434"
        },
        {
          "name": "1020658",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020658"
        },
        {
          "name": "30651",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/30651"
        },
        {
          "name": "ca-kmxfw-privilege-escalation(44392)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44392"
        },
        {
          "name": "1020659",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020659"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-2926",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2008-2339",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2339"
            },
            {
              "name": "1020660",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020660"
            },
            {
              "name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559",
              "refsource": "CONFIRM",
              "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"
            },
            {
              "name": "20080812 CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/495397/100/0/threaded"
            },
            {
              "name": "31434",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31434"
            },
            {
              "name": "1020658",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020658"
            },
            {
              "name": "30651",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/30651"
            },
            {
              "name": "ca-kmxfw-privilege-escalation(44392)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44392"
            },
            {
              "name": "1020659",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020659"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-2926",
    "datePublished": "2008-08-12T23:00:00",
    "dateReserved": "2008-06-30T00:00:00",
    "dateUpdated": "2024-08-07T09:21:34.505Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-3875 (GCVE-0-2007-3875)

Vulnerability from nvd – Published: 2007-07-26 00:00 – Updated: 2024-08-07 14:37

Summary

arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.securitytracker.com/id?1018450	vdb-entryx_refsource_SECTRACK
	http://www.ca.com/us/securityadvisor/newsinfo/col…	x_refsource_CONFIRM
	http://labs.idefense.com/intelligence/vulnerabili…	third-party-advisoryx_refsource_IDEFENSE
	http://www.securityfocus.com/archive/1/474605/100…	mailing-listx_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2007/2639	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/474601/100…	mailing-listx_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/archive/1/474683/100…	mailing-listx_refsource_BUGTRAQ
	http://supportconnectw.ca.com/public/antivirus/in…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/25049	vdb-entryx_refsource_BID
	http://secunia.com/advisories/26155	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:37:04.196Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1018450",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018450"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847"
          },
          {
            "name": "20070724 Computer Associates AntiVirus CHM File Handling DoS Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567"
          },
          {
            "name": "20070725 n.runs-SA-2007.024 - CA eTrust Antivirus Infinite Loop DoS (remote) Advisory",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/474605/100/100/threaded"
          },
          {
            "name": "ADV-2007-2639",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2639"
          },
          {
            "name": "20070725 [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/474601/100/0/threaded"
          },
          {
            "name": "ca-arclib-chm-dos(35573)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35573"
          },
          {
            "name": "20070726 RE: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp"
          },
          {
            "name": "25049",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25049"
          },
          {
            "name": "26155",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26155"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-07-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid \"previous listing chunk number\" field in a CHM file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1018450",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018450"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847"
        },
        {
          "name": "20070724 Computer Associates AntiVirus CHM File Handling DoS Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567"
        },
        {
          "name": "20070725 n.runs-SA-2007.024 - CA eTrust Antivirus Infinite Loop DoS (remote) Advisory",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/474605/100/100/threaded"
        },
        {
          "name": "ADV-2007-2639",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2639"
        },
        {
          "name": "20070725 [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/474601/100/0/threaded"
        },
        {
          "name": "ca-arclib-chm-dos(35573)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35573"
        },
        {
          "name": "20070726 RE: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp"
        },
        {
          "name": "25049",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25049"
        },
        {
          "name": "26155",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26155"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3875",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid \"previous listing chunk number\" field in a CHM file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1018450",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018450"
            },
            {
              "name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847",
              "refsource": "CONFIRM",
              "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847"
            },
            {
              "name": "20070724 Computer Associates AntiVirus CHM File Handling DoS Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567"
            },
            {
              "name": "20070725 n.runs-SA-2007.024 - CA eTrust Antivirus Infinite Loop DoS (remote) Advisory",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/474605/100/100/threaded"
            },
            {
              "name": "ADV-2007-2639",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2639"
            },
            {
              "name": "20070725 [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/474601/100/0/threaded"
            },
            {
              "name": "ca-arclib-chm-dos(35573)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35573"
            },
            {
              "name": "20070726 RE: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
            },
            {
              "name": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp",
              "refsource": "CONFIRM",
              "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp"
            },
            {
              "name": "25049",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25049"
            },
            {
              "name": "26155",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26155"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3875",
    "datePublished": "2007-07-26T00:00:00",
    "dateReserved": "2007-07-18T00:00:00",
    "dateUpdated": "2024-08-07T14:37:04.196Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-2864 (GCVE-0-2007-2864)

Vulnerability from nvd – Published: 2007-06-06 21:00 – Updated: 2024-08-07 13:57

Summary

Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/24330	vdb-entryx_refsource_BID
	http://www.securityfocus.com/archive/1/470602/100…	mailing-listx_refsource_BUGTRAQ
	http://supportconnectw.ca.com/public/antivirus/in…	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/105105	third-party-advisoryx_refsource_CERT-VN
	http://www.vupen.com/english/advisories/2007/2072	vdb-entryx_refsource_VUPEN
	http://www.zerodayinitiative.com/advisories/ZDI-0…	x_refsource_MISC
	http://www.securityfocus.com/archive/1/470754/100…	mailing-listx_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securitytracker.com/id?1018199	vdb-entryx_refsource_SECTRACK
	http://www.osvdb.org/35245	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/25570	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:57:54.318Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "24330",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24330"
          },
          {
            "name": "20070605 ZDI-07-035: CA Multiple Product AV Engine CAB Header Parsing Stack Overflow Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/470602/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp"
          },
          {
            "name": "VU#105105",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/105105"
          },
          {
            "name": "ADV-2007-2072",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2072"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-035.html"
          },
          {
            "name": "20070607 [CAID 35395, 35396]: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/470754/100/0/threaded"
          },
          {
            "name": "ca-multiple-antivirus-cofffiles-bo(34737)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34737"
          },
          {
            "name": "1018199",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018199"
          },
          {
            "name": "35245",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/35245"
          },
          {
            "name": "25570",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25570"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-06-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "24330",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24330"
        },
        {
          "name": "20070605 ZDI-07-035: CA Multiple Product AV Engine CAB Header Parsing Stack Overflow Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/470602/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp"
        },
        {
          "name": "VU#105105",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/105105"
        },
        {
          "name": "ADV-2007-2072",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2072"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-035.html"
        },
        {
          "name": "20070607 [CAID 35395, 35396]: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/470754/100/0/threaded"
        },
        {
          "name": "ca-multiple-antivirus-cofffiles-bo(34737)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34737"
        },
        {
          "name": "1018199",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018199"
        },
        {
          "name": "35245",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/35245"
        },
        {
          "name": "25570",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25570"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2864",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "24330",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24330"
            },
            {
              "name": "20070605 ZDI-07-035: CA Multiple Product AV Engine CAB Header Parsing Stack Overflow Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/470602/100/0/threaded"
            },
            {
              "name": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp",
              "refsource": "CONFIRM",
              "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp"
            },
            {
              "name": "VU#105105",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/105105"
            },
            {
              "name": "ADV-2007-2072",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2072"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-035.html",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-035.html"
            },
            {
              "name": "20070607 [CAID 35395, 35396]: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/470754/100/0/threaded"
            },
            {
              "name": "ca-multiple-antivirus-cofffiles-bo(34737)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34737"
            },
            {
              "name": "1018199",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018199"
            },
            {
              "name": "35245",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/35245"
            },
            {
              "name": "25570",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25570"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2864",
    "datePublished": "2007-06-06T21:00:00",
    "dateReserved": "2007-05-24T00:00:00",
    "dateUpdated": "2024-08-07T13:57:54.318Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-6496 (GCVE-0-2006-6496)

Vulnerability from nvd – Published: 2006-12-13 21:00 – Updated: 2024-08-07 20:26

Summary

The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus 2007 8.1, Anti-Virus for Vista Beta 8.2, and CA Internet Security Suite 2007 v3.0 do not properly handle NULL buffers, which allows local users with administrative access to cause a denial of service (system crash) via certain IOCTLs.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www3.ca.com/securityadvisor/vulninfo/vuln.…	x_refsource_CONFIRM
	http://crm.my-etrust.com/CIDocument.asp?KDId=2651…	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/454420/100…	mailing-listx_refsource_BUGTRAQ
	http://www.reversemode.com/index.php?option=com_r…	x_refsource_MISC
	http://www.osvdb.org/30845	vdb-entryx_refsource_OSVDB
	http://www.securityfocus.com/bid/21593	vdb-entryx_refsource_BID
	http://securitytracker.com/id?1017382	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/23378	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/5010	vdb-entryx_refsource_VUPEN
	http://securitytracker.com/id?1017381	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:26:46.511Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34870"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://crm.my-etrust.com/CIDocument.asp?KDId=2651\u0026GUID=9FD7E4F8362C4A168D88B4FFA34DCB4C"
          },
          {
            "name": "20061214 [CAID 34870]: CA Anti-Virus vetfddnt.sys, vetmonnt.sys Local Denial of Service Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/454420/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=41"
          },
          {
            "name": "30845",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/30845"
          },
          {
            "name": "21593",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/21593"
          },
          {
            "name": "1017382",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1017382"
          },
          {
            "name": "ca-vetmonnt-vetfddnt-dos(30909)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30909"
          },
          {
            "name": "23378",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23378"
          },
          {
            "name": "ADV-2006-5010",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/5010"
          },
          {
            "name": "1017381",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1017381"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-12-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus 2007 8.1, Anti-Virus for Vista Beta 8.2, and CA Internet Security Suite 2007 v3.0 do not properly handle NULL buffers, which allows local users with administrative access to cause a denial of service (system crash) via certain IOCTLs."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34870"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://crm.my-etrust.com/CIDocument.asp?KDId=2651\u0026GUID=9FD7E4F8362C4A168D88B4FFA34DCB4C"
        },
        {
          "name": "20061214 [CAID 34870]: CA Anti-Virus vetfddnt.sys, vetmonnt.sys Local Denial of Service Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/454420/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=41"
        },
        {
          "name": "30845",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/30845"
        },
        {
          "name": "21593",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/21593"
        },
        {
          "name": "1017382",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1017382"
        },
        {
          "name": "ca-vetmonnt-vetfddnt-dos(30909)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30909"
        },
        {
          "name": "23378",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23378"
        },
        {
          "name": "ADV-2006-5010",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/5010"
        },
        {
          "name": "1017381",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1017381"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-6496",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus 2007 8.1, Anti-Virus for Vista Beta 8.2, and CA Internet Security Suite 2007 v3.0 do not properly handle NULL buffers, which allows local users with administrative access to cause a denial of service (system crash) via certain IOCTLs."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34870",
              "refsource": "CONFIRM",
              "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34870"
            },
            {
              "name": "http://crm.my-etrust.com/CIDocument.asp?KDId=2651\u0026GUID=9FD7E4F8362C4A168D88B4FFA34DCB4C",
              "refsource": "CONFIRM",
              "url": "http://crm.my-etrust.com/CIDocument.asp?KDId=2651\u0026GUID=9FD7E4F8362C4A168D88B4FFA34DCB4C"
            },
            {
              "name": "20061214 [CAID 34870]: CA Anti-Virus vetfddnt.sys, vetmonnt.sys Local Denial of Service Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/454420/100/0/threaded"
            },
            {
              "name": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=41",
              "refsource": "MISC",
              "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=41"
            },
            {
              "name": "30845",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/30845"
            },
            {
              "name": "21593",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/21593"
            },
            {
              "name": "1017382",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1017382"
            },
            {
              "name": "ca-vetmonnt-vetfddnt-dos(30909)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30909"
            },
            {
              "name": "23378",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23378"
            },
            {
              "name": "ADV-2006-5010",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/5010"
            },
            {
              "name": "1017381",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1017381"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-6496",
    "datePublished": "2006-12-13T21:00:00",
    "dateReserved": "2006-12-13T00:00:00",
    "dateUpdated": "2024-08-07T20:26:46.511Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

18 vulnerabilities found for internet_security_suite by broadcom

FKIE_CVE-2009-3587

FKIE_CVE-2009-3588

FKIE_CVE-2008-2926

FKIE_CVE-2007-3875

FKIE_CVE-2007-2864

FKIE_CVE-2006-6496

CVE-2009-3587 (GCVE-0-2009-3587)

CVE-2009-3588 (GCVE-0-2009-3588)

CVE-2008-2926 (GCVE-0-2008-2926)

CVE-2007-3875 (GCVE-0-2007-3875)

CVE-2007-2864 (GCVE-0-2007-2864)

CVE-2006-6496 (GCVE-0-2006-6496)

CVE-2009-3587 (GCVE-0-2009-3587)

CVE-2009-3588 (GCVE-0-2009-3588)

CVE-2008-2926 (GCVE-0-2008-2926)

CVE-2007-3875 (GCVE-0-2007-3875)

CVE-2007-2864 (GCVE-0-2007-2864)

CVE-2006-6496 (GCVE-0-2006-6496)