cvelistv5 - CVE-2009-3587

CVE-2009-3587

Vulnerability from cvelistv5

Published

2009-10-13 10:00

Modified

2024-08-07 06:31

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://osvdb.org/58691	Broken Link
cve@mitre.org	http://secunia.com/advisories/36976	Third Party Advisory
cve@mitre.org	http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878	Broken Link, Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/archive/1/507068/100/0/threaded	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securityfocus.com/bid/36653	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id?1022999	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.vupen.com/english/advisories/2009/2852	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/53697	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/58691	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36976	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878	Broken Link, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/507068/100/0/threaded	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/36653	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1022999	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/2852	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/53697	Third Party Advisory, VDB Entry

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:31:10.544Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
          },
          {
            "name": "58691",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/58691"
          },
          {
            "name": "36976",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36976"
          },
          {
            "name": "1022999",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022999"
          },
          {
            "name": "ADV-2009-2852",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2852"
          },
          {
            "name": "ca-rar-code-execution(53697)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
          },
          {
            "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
          },
          {
            "name": "36653",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36653"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-10-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
        },
        {
          "name": "58691",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/58691"
        },
        {
          "name": "36976",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36976"
        },
        {
          "name": "1022999",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022999"
        },
        {
          "name": "ADV-2009-2852",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2852"
        },
        {
          "name": "ca-rar-code-execution(53697)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
        },
        {
          "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
        },
        {
          "name": "36653",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36653"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-3587",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878",
              "refsource": "CONFIRM",
              "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
            },
            {
              "name": "58691",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/58691"
            },
            {
              "name": "36976",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36976"
            },
            {
              "name": "1022999",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022999"
            },
            {
              "name": "ADV-2009-2852",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/2852"
            },
            {
              "name": "ca-rar-code-execution(53697)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
            },
            {
              "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
            },
            {
              "name": "36653",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/36653"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-3587",
    "datePublished": "2009-10-13T10:00:00",
    "dateReserved": "2009-10-08T00:00:00",
    "dateUpdated": "2024-08-07T06:31:10.544Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:anti-virus:2007:8:*:*:*:*:*:*\", \"matchCriteriaId\": \"C469EBBE-EE96-4CED-BD8C-36461750C6A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:anti-virus:2008:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C5E892B-0EE8-4B76-97B8-0BAF17E83F49\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"607CCBDA-7288-4496-A7ED-EF6DED40CA21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:r8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11BCD267-E8CE-4A97-B769-5F4CAF9830D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:anti-virus_sdk:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"865B7BD2-3AD1-41CA-842B-47BC4F1426DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:common_services:11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E2FA702-184A-44FF-8DEA-7811804EE175\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:common_services:11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D301B65D-A20B-4991-A0D8-DFE3363F162B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A08C715-A351-466D-99EC-006C106A3366\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:etrust_antivirus:8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"05185A74-8484-419D-A3CE-8603928AF0DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:etrust_antivirus:8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"52C533CA-ACB7-4C0F-98E2-B5E51E24A554\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FD8D5F0-9606-4BBA-B7F9-ACD089B84DC2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3DDF2EE3-753B-4C7E-84EF-144FA5986A21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"69184A5E-4FA9-4896-B6E8-1B9D4D62D099\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:internet_security_suite:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F30C4FF9-DB76-4B3F-9582-752097B3D521\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"285013A5-E058-4B2B-B8B6-1BFF72388589\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:network_and_systems_management:r3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0FF55705-42ED-4503-8534-FDEA365E84E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:network_and_systems_management:r3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AB548763-E1A7-4DB1-BE86-ED5AA1CA81BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:network_and_systems_management:r11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B28429A-F343-4BE8-A94D-5A5AC3F6258C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:network_and_systems_management:r11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CFF64064-1C35-4888-BBC2-52F68EF9517F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:secure_content_manager:1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DADD1E6-3454-4C1E-AD46-82D79CB8F528\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:secure_content_manager:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5E02DA21-B25B-4626-BFDC-61AA8AF3537E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE9C8A1C-0A55-4CA5-9BB6-2D03EFCFE699\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2EFA39E3-A614-4A64-B29C-86D6F12F1557\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B4434A4-EE82-46A1-9293-345991515369\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"43CD3B48-C978-4FDB-B157-85F3E971446B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:anti-virus:2009:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6050CADE-7BAF-45B7-A031-F70558C7CE44\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:anti-virus_for_the_enterprise:r8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0186ADA-0E20-4E14-B9D5-19CDFC1BD98F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:anti-virus_gateway:7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD75FF0F-A36C-40AF-A99E-1596A6A6FE2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:anti-virus_plus:2009:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BED8CEF9-6AEC-4771-98F7-051E4B3E0848\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8275AC1-81C5-4D9F-A61B-1A908BDDE0F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:arcserve_for_windows_client_agent:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5603FDAD-A347-4A44-BC45-1ADC44601D65\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:arcserve_for_windows_server_component:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5086D7CF-EBAB-4E30-98E0-0D276CC1C707\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:common_services:3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FAD043E-3ABE-46D7-AD17-A68858692A7E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:etrust_anti-virus_gateway:7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C13B0E1-DCEE-46E5-81A3-C08C07C58B9A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:etrust_anti-virus_sdk:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"257CC950-F1BB-4D0A-9B05-98A58DB67532\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:etrust_ez_antivirus:r7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0A641A2-4147-4C41-B102-18417ECA9339\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:etrust_intrusion_detection:2.0:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"29FEABEE-DC17-4620-B088-B24249865931\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D10B864B-AA39-4702-A42B-F33BAF2D8059\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DB54A16-5E56-46FC-A49C-56C98C0B8F1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:gateway_security:r8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B44F941C-83DC-4EDA-B258-C35F5EDA819E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:internet_security_suite_2008:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0281F80B-CF9C-482D-B7A9-3B2651BD0567\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:internet_security_suite_plus_2008:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33F7E184-EA23-487C-83ED-65CF8DD2DB18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:internet_security_suite_plus_2009:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"951062B1-C72B-4EAF-BA54-6986434036FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47C10BA4-B241-4F65-8FA1-AD88266C03B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"253A8082-9AE4-4049-A1D0-B7ACB5C2E8D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:protection_suites:r3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC845898-3D77-4793-971E-5E1555ED9CDA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:threat_manager:8.1:*:enterprise:*:*:*:*:*\", \"matchCriteriaId\": \"0115D81C-2CA2-424C-BE4B-0896C9ADA68E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:threat_manager:r8:*:enterprise:*:*:*:*:*\", \"matchCriteriaId\": \"A38801CD-167E-408E-89BD-52BB1B89041B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:threat_manager_total_defense:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B6AEE8BC-8D0E-464F-88B7-5C2C2D372AFA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:arcserve_backup:r11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8713893-59CE-486A-9262-E755A8F2D58C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8275AC1-81C5-4D9F-A61B-1A908BDDE0F7\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad no especificada en el componente arclib en el motor Anti-Virus en CA Anti-Virus para Enterprise (formalmente eTrust Antivirus) v7.1 hasta v8.1; Anti-Virus 2007 (v8) hasta 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) hasta Plus 2009; y otros productos CA permite a atacantes remotos causar una denegaci\\u00f3n de servicio y ejecutar probablemente c\\u00f3digo de su elecci\\u00f3n a trav\\u00e9s del archivo RAR manipulado que provoca una corrupci\\u00f3n de la memoria din\\u00e1mica, una vulnerabilidad diferente que CVE-2009-3588.\"}]",
      "id": "CVE-2009-3587",
      "lastModified": "2024-11-21T01:07:44.420",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2009-10-13T10:30:00.610",
      "references": "[{\"url\": \"http://osvdb.org/58691\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/36976\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/507068/100/0/threaded\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/36653\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id?1022999\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/2852\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/53697\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://osvdb.org/58691\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/36976\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/507068/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/36653\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id?1022999\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/2852\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/53697\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-3587\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-10-13T10:30:00.610\",\"lastModified\":\"2024-11-21T01:07:44.420\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en el componente arclib en el motor Anti-Virus en CA Anti-Virus para Enterprise (formalmente eTrust Antivirus) v7.1 hasta v8.1; Anti-Virus 2007 (v8) hasta 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) hasta Plus 2009; y otros productos CA permite a atacantes remotos causar una denegaci\u00f3n de servicio y ejecutar probablemente c\u00f3digo de su elecci\u00f3n a trav\u00e9s del archivo RAR manipulado que provoca una corrupci\u00f3n de la memoria din\u00e1mica, una vulnerabilidad diferente que CVE-2009-3588.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:anti-virus:2007:8:*:*:*:*:*:*\",\"matchCriteriaId\":\"C469EBBE-EE96-4CED-BD8C-36461750C6A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:anti-virus:2008:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C5E892B-0EE8-4B76-97B8-0BAF17E83F49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"607CCBDA-7288-4496-A7ED-EF6DED40CA21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:r8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11BCD267-E8CE-4A97-B769-5F4CAF9830D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:anti-virus_sdk:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"865B7BD2-3AD1-41CA-842B-47BC4F1426DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:common_services:11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E2FA702-184A-44FF-8DEA-7811804EE175\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:common_services:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D301B65D-A20B-4991-A0D8-DFE3363F162B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A08C715-A351-466D-99EC-006C106A3366\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:etrust_antivirus:8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05185A74-8484-419D-A3CE-8603928AF0DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:etrust_antivirus:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52C533CA-ACB7-4C0F-98E2-B5E51E24A554\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FD8D5F0-9606-4BBA-B7F9-ACD089B84DC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DDF2EE3-753B-4C7E-84EF-144FA5986A21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69184A5E-4FA9-4896-B6E8-1B9D4D62D099\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:internet_security_suite:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F30C4FF9-DB76-4B3F-9582-752097B3D521\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"285013A5-E058-4B2B-B8B6-1BFF72388589\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:network_and_systems_management:r3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FF55705-42ED-4503-8534-FDEA365E84E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:network_and_systems_management:r3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB548763-E1A7-4DB1-BE86-ED5AA1CA81BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:network_and_systems_management:r11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B28429A-F343-4BE8-A94D-5A5AC3F6258C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:network_and_systems_management:r11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFF64064-1C35-4888-BBC2-52F68EF9517F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:secure_content_manager:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DADD1E6-3454-4C1E-AD46-82D79CB8F528\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:secure_content_manager:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E02DA21-B25B-4626-BFDC-61AA8AF3537E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE9C8A1C-0A55-4CA5-9BB6-2D03EFCFE699\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EFA39E3-A614-4A64-B29C-86D6F12F1557\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B4434A4-EE82-46A1-9293-345991515369\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43CD3B48-C978-4FDB-B157-85F3E971446B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:anti-virus:2009:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6050CADE-7BAF-45B7-A031-F70558C7CE44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:anti-virus_for_the_enterprise:r8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0186ADA-0E20-4E14-B9D5-19CDFC1BD98F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:anti-virus_gateway:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD75FF0F-A36C-40AF-A99E-1596A6A6FE2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:anti-virus_plus:2009:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BED8CEF9-6AEC-4771-98F7-051E4B3E0848\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8275AC1-81C5-4D9F-A61B-1A908BDDE0F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:arcserve_for_windows_client_agent:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5603FDAD-A347-4A44-BC45-1ADC44601D65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:arcserve_for_windows_server_component:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5086D7CF-EBAB-4E30-98E0-0D276CC1C707\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:common_services:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FAD043E-3ABE-46D7-AD17-A68858692A7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:etrust_anti-virus_gateway:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C13B0E1-DCEE-46E5-81A3-C08C07C58B9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:etrust_anti-virus_sdk:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"257CC950-F1BB-4D0A-9B05-98A58DB67532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:etrust_ez_antivirus:r7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0A641A2-4147-4C41-B102-18417ECA9339\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:etrust_intrusion_detection:2.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"29FEABEE-DC17-4620-B088-B24249865931\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D10B864B-AA39-4702-A42B-F33BAF2D8059\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DB54A16-5E56-46FC-A49C-56C98C0B8F1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:gateway_security:r8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B44F941C-83DC-4EDA-B258-C35F5EDA819E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:internet_security_suite_2008:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0281F80B-CF9C-482D-B7A9-3B2651BD0567\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:internet_security_suite_plus_2008:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33F7E184-EA23-487C-83ED-65CF8DD2DB18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:internet_security_suite_plus_2009:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"951062B1-C72B-4EAF-BA54-6986434036FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47C10BA4-B241-4F65-8FA1-AD88266C03B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"253A8082-9AE4-4049-A1D0-B7ACB5C2E8D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:protection_suites:r3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC845898-3D77-4793-971E-5E1555ED9CDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:threat_manager:8.1:*:enterprise:*:*:*:*:*\",\"matchCriteriaId\":\"0115D81C-2CA2-424C-BE4B-0896C9ADA68E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:threat_manager:r8:*:enterprise:*:*:*:*:*\",\"matchCriteriaId\":\"A38801CD-167E-408E-89BD-52BB1B89041B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:threat_manager_total_defense:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6AEE8BC-8D0E-464F-88B7-5C2C2D372AFA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:arcserve_backup:r11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8713893-59CE-486A-9262-E755A8F2D58C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8275AC1-81C5-4D9F-A61B-1A908BDDE0F7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/58691\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/36976\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/507068/100/0/threaded\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/36653\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1022999\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/2852\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/53697\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://osvdb.org/58691\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/36976\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/507068/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/36653\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1022999\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/2852\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/53697\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

gsd-2009-3587

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2009-3587

Aliases

CVE-2009-3587

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-3587",
    "description": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588.",
    "id": "GSD-2009-3587"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-3587"
      ],
      "details": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588.",
      "id": "GSD-2009-3587",
      "modified": "2023-12-13T01:19:49.264314Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2009-3587",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878",
            "refsource": "CONFIRM",
            "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
          },
          {
            "name": "58691",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/58691"
          },
          {
            "name": "36976",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/36976"
          },
          {
            "name": "1022999",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1022999"
          },
          {
            "name": "ADV-2009-2852",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/2852"
          },
          {
            "name": "ca-rar-code-execution(53697)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
          },
          {
            "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
          },
          {
            "name": "36653",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/36653"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:internet_security_suite:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:internet_security_suite_2008:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:etrust_intrusion_detection:2.0:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:anti-virus:2007:8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:anti-virus:2008:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:internet_security_suite_plus_2008:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:internet_security_suite_plus_2009:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:protection_suites:r3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:secure_content_manager:1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:common_services:3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:anti-virus:2009:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:anti-virus_plus:2009:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:anti-virus_gateway:7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:etrust_anti-virus_gateway:7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:etrust_ez_antivirus:r7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:threat_manager:8.1:*:enterprise:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:threat_manager:r8:*:enterprise:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:secure_content_manager:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:common_services:11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:common_services:11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:r8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:anti-virus_for_the_enterprise:r8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:gateway_security:r8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:threat_manager_total_defense:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:arcserve_for_windows_client_agent:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:arcserve_for_windows_server_component:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_sdk:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:etrust_anti-virus_sdk:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:ca:arcserve_backup:r11.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:linux:linux:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-3587"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1022999",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id?1022999"
            },
            {
              "name": "ADV-2009-2852",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/2852"
            },
            {
              "name": "36976",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/36976"
            },
            {
              "name": "36653",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/36653"
            },
            {
              "name": "58691",
              "refsource": "OSVDB",
              "tags": [
                "Broken Link"
              ],
              "url": "http://osvdb.org/58691"
            },
            {
              "name": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878",
              "refsource": "CONFIRM",
              "tags": [
                "Broken Link",
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
            },
            {
              "name": "ca-rar-code-execution(53697)",
              "refsource": "XF",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
            },
            {
              "name": "20091009 CA20091008-01: Security Notice for CA Anti-Virus Engine",
              "refsource": "BUGTRAQ",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2021-11-15T19:50Z",
      "publishedDate": "2009-10-13T10:30Z"
    }
  }
}

Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588. This vulnerability CVE-2009-3588 Is a different vulnerability.Skillfully crafted by a third party RAR Service disruption via archive files (DoS) Could be put into a state or execute arbitrary code. Multiple Computer Associates products are prone to memory-corruption vulnerabilities that affect the Anti-Virus engine. An attacker can exploit these issues to execute arbitrary code in the context of the affected applications or cause denial-of-service conditions. The issues affect the Anti-Virus engine with versions prior to 'arclib' 8.1.4.0. Computer Associates is the world's leading security vendor, products include a variety of anti-virus software and backup recovery systems. CA20091008-01: Security Notice for CA Anti-Virus Engine

Issued: October 8, 2009

CA's support is alerting customers to multiple security risks associated with CA Anti-Virus Engine. Vulnerabilities exist in the arclib component that can allow a remote attacker to cause a denial of service, or to cause heap corruption and potentially further compromise a system. CA has issued fixes to address the vulnerabilities. An attacker can create a malformed RAR archive file that results in heap corruption and allows the attacker to cause a denial of service or possibly further compromise the system. An attacker can create a malformed RAR archive file that results in stack corruption and allows the attacker to cause a denial of service.

Risk Rating

Medium

Platform

Windows UNIX Linux Solaris Mac OS X Netware

Affected Products

CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8 CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8.1 CA Anti-Virus 2007 (v8) CA Anti-Virus 2008 CA Anti-Virus 2009 CA Anti-Virus Plus 2009 eTrust EZ Antivirus r7.1 CA Internet Security Suite 2007 (v3) CA Internet Security Suite 2008 CA Internet Security Suite Plus 2008 CA Internet Security Suite Plus 2009 CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8 CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) 8.1 CA Threat Manager Total Defense CA Gateway Security r8.1 CA Protection Suites r2 CA Protection Suites r3 CA Protection Suites r3.1 CA Secure Content Manager (formerly eTrust Secure Content Manager) 1.1 CA Secure Content Manager (formerly eTrust Secure Content Manager) 8.0 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.0 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.1 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11.1 CA ARCserve Backup r11.5 on Windows CA ARCserve Backup r12 on Windows CA ARCserve Backup r12.0 SP1 on Windows CA ARCserve Backup r12.0 SP 2 on Windows CA ARCserve Backup r12.5 on Windows CA ARCserve Backup r11.1 Linux CA ARCserve Backup r11.5 Linux CA ARCserve for Windows Client Agent CA ARCserve for Windows Server component CA eTrust Intrusion Detection 2.0 SP1 CA eTrust Intrusion Detection 3.0 CA eTrust Intrusion Detection 3.0 SP1 CA Common Services (CCS) r3.1 CA Common Services (CCS) r11 CA Common Services (CCS) r11.1 CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK) CA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1

Non-Affected Products

CA Anti-Virus engine with arclib version 8.1.4.0 or later installed

How to determine if the installation is affected

For products on Windows:

Using Windows Explorer, locate the file "arclib.dll". By default, the file is located in the "C:\Program Files\CA\SharedComponents\ScanEngine" directory (*).
Right click on the file and select Properties.
Select the Version tab.
If the file version is earlier than indicated below, the installation is vulnerable.

File Name File Version arclib.dll 8.1.4.0

*For eTrust Intrusion Detection 2.0, the file is located in "Program Files\eTrust\Intrusion Detection\Common", and for eTrust Intrusion Detection 3.0 and 3.0 sp1, the file is located in "Program Files\CA\Intrusion Detection\Common".

For CA Anti-Virus r8.1 on non-Windows platforms:

Use the compver utility provided on the CD to determine the version of Arclib. If the version is less than 8.1.4.0, the installation is vulnerable.

Example compver utility output:

  ------------------------------------------------
  COMPONENT NAME VERSION
  ------------------------------------------------
  eTrust Antivirus Arclib Archive Library 8.1.4.0
  ... (followed by other components)

For reference, the following are file names for arclib on non-Windows operating systems:

  Operating System     File name
  Solaris              libarclib.so
  Linux                libarclib.so
  Mac OS X             arclib.bundle

Solution

CA released arclib 8.1.4.0 on August 12 2009. If your product is configured for automatic updates, you should already be protected, and you need to take no action. If your product is not configured for automatic updates, then you simply need to run the update utility included with your product.

CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.0: apply fix # RO11964.

CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.1: apply fix # RO11964.

CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11: apply fix # RO11964.

CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11.1: apply fix # RO11964.

CA Common Services (CCS) r3.1: apply fix # RO11954.

CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 32bit: apply fix # RO10663.

CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 IA64: apply fix # RO10664.

CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 AMD64: apply fix # RO10665.

CA Secure Content Manager (formerly eTrust Secure Content Manager) r1.1: apply fix # RO10999.

CA Secure Content Manager (formerly eTrust Secure Content Manager) r8.0: apply fix # RO10999.

CA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1: apply fix # RO11000.

CA Gateway Security r8.1: RO10999.

CA ARCserve for Windows Server component installed on a 64 bit machine: apply fixes # RO10663 and RO10664 (IA64) or RO10665 (AMD64).

CA ARCserve for Windows Server component installed on a 32 bit machine: apply fix # RO10663.

CA ARCserve for Windows Client Agent installed on a 64 bit machine: apply fix # RO10664 (IA64) or RO10665 (AMD64).

CA ARCserve for Windows Client Agent installed on a 32 bit machine: apply fix # RO10663.

CA ARCserve for Linux Server r11.5: apply fix # RO10729.

CA ARCserve for Linux:

Download RO10729.tar.Z from RO10729 into a temporary location /tmp/RO10729
Uncompress and untar RO10729.tar.Z as follows: uncompress RO10729.tar.Z tar -xvf RO10729.tar The new "libarclib.so" will be extracted to /tmp/RO10729
Change the directory to $CAIGLBL0000/ino/config as follows: cd $CAIGLBL0000/ino/config
Rename "libarclib.so" to "libarclib.so.RO10729" as follows: mv libarclib.so libarclib.so.RO10729
Copy the new libarclib.so as follows: cp /tmp/RO10729/libarclib.so $CAIGLBL0000/ino/config/
chmod +x $CAIGLBL0000/ino/config/libarclib.so
Stop the common agent (caagent stop)
Change the directory to ARCserve common agent directory (typically /opt/CA/BABcmagt) cd /opt/CA/BABcmagt Note: To find out the agent home directory run the following command: dirname 'ls -l /usr/bin/caagent |cut -f2 -d">"'
Save a copy of libarclib.so cp -p libarclib.so libarclib.so.RO10729
Copy over the new libarclib.so as follows: cp $/tmp/RO10729/libarclib.so.
Start the common agent (caagent start)
Repeat steps (7-11) on all remote Linux client agents' installations.
rm -rf /tmp/RO10729

Workaround

Do not open email attachments or download files from untrusted sources.

If additional information is required, please contact CA Support at http://support.ca.com/.

If you discover a vulnerability in CA products, please report your findings to the CA Product Vulnerability Response Team. support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782

Regards, Ken Williams, Director ; 0xE2941985 CA Product Vulnerability Response Team

CA, 1 CA Plaza, Islandia, NY 11749

Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2009 CA. All rights reserved. ----------------------------------------------------------------------

Do you have VARM strategy implemented?

(Vulnerability Assessment Remediation Management)

If not, then implement it through the most reliable vulnerability intelligence source on the market.

Implement it through Secunia.

For more information visit: http://secunia.com/advisories/business_solutions/

Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com

TITLE: CA Anti-Virus Engine RAR Processing Two Vulnerabilities

SECUNIA ADVISORY ID: SA36976

VERIFY ADVISORY: http://secunia.com/advisories/36976/

DESCRIPTION: Two vulnerabilities have been reported in multiple CA products, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.

Successful exploitation may allow execution of arbitrary code.

Please see the vendor's advisory for detailed instructions on applying patches.

PROVIDED AND/OR DISCOVERED BY: The vendor credits Thierry Zoller.

ORIGINAL ADVISORY: CA20091008-01: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. Background ~~~~~~~~~~~~~ Quote: "CA is one of the world's largest IT management software providers. We serve more than 99% of Fortune 1000 companies, as well as government entities, educational institutions and thousands of other companies in diverse industries worldwide"

"CA Anti-Virus for the Enterprise is the next generation in comprehensive anti-virus security for business PCs, servers and PDAs. It combines proactive protection against malware with new, powerful management features that stop and remove malicious code before it enters your network, reducing system downtime"

II.

Attacker has control over EBX :

Basic Block: 6e4305b0 mov cl,byte ptr [ebx] Tainted Input Operands: ebx 6e4305b2 add edi,28h 6e4305b5 push edi 6e4305b6 lea edx,[esp+14h] 6e4305ba mov byte ptr [esp+14h],cl Tainted Input Operands: cl 6e4305be inc ebx Tainted Input Operands: ebx 6e4305bf push edx 6e4305c0 mov ecx,esi 6e4305c2 mov dword ptr [esp+1ch],ebx Tainted Input Operands: ebx 6e4305c6 call arclib!arctkopenarchive+0x283a0 (6e42f9f0)

III. Due to the nature of Anti-virus products, the attack vectors can be near endless. An attack could be done over the way of an E-mail message carrying an RAR attachment (of a file recognised as being RAR), USB, CD, Network data etc.

Please note that this is a general problem and not exclusive to Computer Associates.

IV. Disclosure timeline ~~~~~~~~~~~~~~~~~~~~~~~~~ DD.MM.YYYY 11.05.2009 - Reported CVE-2009-3587 03.06.2009 - Reported CVE-2009-3588 09.10.2009 - CA releases advisory https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878 13.10.2009 - G-SEC releases advisory

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200910-0352",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "anti-virus plus",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "ca",
        "version": "2009"
      },
      {
        "model": "protection suites",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ca",
        "version": "r3.1"
      },
      {
        "model": "threat manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ca",
        "version": "r8"
      },
      {
        "model": "threat manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ca",
        "version": "8.1"
      },
      {
        "model": "protection suites",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ca",
        "version": "r2"
      },
      {
        "model": "protection suites",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ca",
        "version": "r3"
      },
      {
        "model": "internet security suite plus 2008",
        "scope": null,
        "trust": 1.4,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "internet security suite plus 2009",
        "scope": null,
        "trust": 1.4,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "threat manager total defense",
        "scope": null,
        "trust": 1.4,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "etrust anti-virus sdk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "*"
      },
      {
        "model": "network and systems management",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "r3.0"
      },
      {
        "model": "threat manager total defense",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "*"
      },
      {
        "model": "etrust antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "7.1"
      },
      {
        "model": "internet security suite",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "*"
      },
      {
        "model": "anti-virus gateway",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "7.1"
      },
      {
        "model": "etrust integrated threat management",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "8.1"
      },
      {
        "model": "unicenter network and systems management",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "11"
      },
      {
        "model": "unicenter network and systems management",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "3.0"
      },
      {
        "model": "arcserve backup",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "r11.5"
      },
      {
        "model": "etrust intrusion detection",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "3.0"
      },
      {
        "model": "etrust antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "8.1"
      },
      {
        "model": "anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "2008"
      },
      {
        "model": "internet security suite 2008",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "*"
      },
      {
        "model": "arcserve for windows client agent",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "*"
      },
      {
        "model": "internet security suite plus 2008",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "*"
      },
      {
        "model": "gateway security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "r8.1"
      },
      {
        "model": "secure content manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "1.1"
      },
      {
        "model": "anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "2009"
      },
      {
        "model": "etrust intrusion detection",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "2.0"
      },
      {
        "model": "secure content manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "8.0"
      },
      {
        "model": "common services",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "11"
      },
      {
        "model": "etrust ez antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "r7.1"
      },
      {
        "model": "network and systems management",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "r11.1"
      },
      {
        "model": "network and systems management",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "r11"
      },
      {
        "model": "internet security suite",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "3.0"
      },
      {
        "model": "arcserve backup",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "r11.1"
      },
      {
        "model": "etrust secure content manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "8.0"
      },
      {
        "model": "anti-virus for the enterprise",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "r8"
      },
      {
        "model": "unicenter network and systems management",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "11.1"
      },
      {
        "model": "etrust anti-virus gateway",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "7.1"
      },
      {
        "model": "internet security suite plus 2009",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "*"
      },
      {
        "model": "anti-virus for the enterprise",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "r8.1"
      },
      {
        "model": "anti-virus sdk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "*"
      },
      {
        "model": "etrust antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "8"
      },
      {
        "model": "anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "2007"
      },
      {
        "model": "network and systems management",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "r3.1"
      },
      {
        "model": "common services",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "3.1"
      },
      {
        "model": "etrust secure content manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "1.1"
      },
      {
        "model": "etrust intrusion detection",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "3.0"
      },
      {
        "model": "common services",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "11.1"
      },
      {
        "model": "arcserve for windows server component",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "*"
      },
      {
        "model": "anti-virus for the enterprise",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "7.1"
      },
      {
        "model": "unicenter network and systems management",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "broadcom",
        "version": "3.1"
      },
      {
        "model": "anti-virus",
        "scope": null,
        "trust": 0.8,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "anti-virus for the enterprise",
        "scope": null,
        "trust": 0.8,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "anti-virus gateway",
        "scope": null,
        "trust": 0.8,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "anti-virus sdk",
        "scope": null,
        "trust": 0.8,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "arcserve backup",
        "scope": null,
        "trust": 0.8,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "arcserve for windows client agent",
        "scope": null,
        "trust": 0.8,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "arcserve for windows server component",
        "scope": null,
        "trust": 0.8,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "common services",
        "scope": null,
        "trust": 0.8,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "etrust intrusion detection",
        "scope": null,
        "trust": 0.8,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "gateway security",
        "scope": null,
        "trust": 0.8,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "internet security suite",
        "scope": null,
        "trust": 0.8,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "network and systems management",
        "scope": null,
        "trust": 0.8,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "protection suites",
        "scope": null,
        "trust": 0.8,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "secure content manager",
        "scope": null,
        "trust": 0.8,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "threat manager for the enterprise",
        "scope": null,
        "trust": 0.8,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "etrust ez antivirus",
        "scope": null,
        "trust": 0.8,
        "vendor": "ca",
        "version": null
      },
      {
        "model": "etrust integrated threat management",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ca",
        "version": "8.1"
      },
      {
        "model": "secure content manager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ca",
        "version": "1.1"
      },
      {
        "model": "associates unicenter network and systems management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "3.1"
      },
      {
        "model": "associates unicenter network and systems management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "3.0"
      },
      {
        "model": "associates unicenter network and systems management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates unicenter network and systems management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11"
      },
      {
        "model": "associates threat manager total defense",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "0"
      },
      {
        "model": "associates threat manager for the enterprise r8.1",
        "scope": null,
        "trust": 0.3,
        "vendor": "computer",
        "version": null
      },
      {
        "model": "associates threat manager for the enterprise r8",
        "scope": null,
        "trust": 0.3,
        "vendor": "computer",
        "version": null
      },
      {
        "model": "associates protection suites r2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "0"
      },
      {
        "model": "associates protection suites r3",
        "scope": null,
        "trust": 0.3,
        "vendor": "computer",
        "version": null
      },
      {
        "model": "associates protection suites",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "3.1"
      },
      {
        "model": "associates internet security suite plus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "20090"
      },
      {
        "model": "associates internet security suite plus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "20080"
      },
      {
        "model": "associates internet security suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "20080"
      },
      {
        "model": "associates internet security suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "20073.0"
      },
      {
        "model": "associates gateway security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.1"
      },
      {
        "model": "associates etrust secure content manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.0"
      },
      {
        "model": "associates etrust secure content manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "1.1"
      },
      {
        "model": "associates etrust intrusion detection sp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "3.01"
      },
      {
        "model": "associates etrust intrusion detection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "3.0"
      },
      {
        "model": "associates etrust intrusion detection sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "2.0.0"
      },
      {
        "model": "associates etrust ez antivirus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "7.1"
      },
      {
        "model": "associates common services r11.1",
        "scope": null,
        "trust": 0.3,
        "vendor": "computer",
        "version": null
      },
      {
        "model": "associates common services r11",
        "scope": null,
        "trust": 0.3,
        "vendor": "computer",
        "version": null
      },
      {
        "model": "associates common services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "3.1"
      },
      {
        "model": "associates brightstor arcserve backup for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates brightstor arcserve backup for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.5"
      },
      {
        "model": "associates brightstor arcserve backup for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "12.5"
      },
      {
        "model": "associates brightstor arcserve backup for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "12.0"
      },
      {
        "model": "associates brightstor arcserve backup r12.0 windows sp1",
        "scope": null,
        "trust": 0.3,
        "vendor": "computer",
        "version": null
      },
      {
        "model": "associates arcserve backup for linux sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.5"
      },
      {
        "model": "associates arcserve backup for linux sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.5"
      },
      {
        "model": "associates arcserve backup for linux sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.5"
      },
      {
        "model": "associates arcserve backup for linux ga",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.5"
      },
      {
        "model": "associates arcserve backup for linux sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates arcserve backup for linux sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates arcserve backup for linux sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates arcserve backup for linux ga",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates anti-virus sdk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "0"
      },
      {
        "model": "associates anti-virus gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "7.1"
      },
      {
        "model": "associates anti-virus for the enterprise r8.1",
        "scope": null,
        "trust": 0.3,
        "vendor": "computer",
        "version": null
      },
      {
        "model": "associates anti-virus for the enterprise r8",
        "scope": null,
        "trust": 0.3,
        "vendor": "computer",
        "version": null
      },
      {
        "model": "associates anti-virus for the enterprise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "7.1"
      },
      {
        "model": "associates anti-virus plus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "20090"
      },
      {
        "model": "associates anti-virus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "20090"
      },
      {
        "model": "associates anti-virus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "20078"
      },
      {
        "model": "associates anti-virus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "2008"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "36653"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002628"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-199"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3587"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ca:internet_security_suite_plus_2009:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:gateway_security:r8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:common_services:3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:etrust_anti-virus_sdk:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:anti-virus_for_the_enterprise:r8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:arcserve_for_windows_server_component:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:etrust_intrusion_detection:2.0:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:threat_manager:8.1:*:enterprise:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:etrust_ez_antivirus:r7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:internet_security_suite_2008:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:anti-virus:2009:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:anti-virus_plus:2009:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:protection_suites:r3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:anti-virus_gateway:7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:threat_manager:r8:*:enterprise:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:etrust_anti-virus_gateway:7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:arcserve_for_windows_client_agent:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:threat_manager_total_defense:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:internet_security_suite_plus_2008:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:anti-virus:2008:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:anti-virus:2007:8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_sdk:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:r8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:common_services:11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:common_services:11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:internet_security_suite:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:secure_content_manager:1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:secure_content_manager:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:ca:arcserve_backup:r11.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:linux:linux:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-3587"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Thierry Zoller",
    "sources": [
      {
        "db": "BID",
        "id": "36653"
      },
      {
        "db": "PACKETSTORM",
        "id": "81986"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-199"
      }
    ],
    "trust": 1.0
  },
  "cve": "CVE-2009-3587",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.3,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2009-3587",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-41033",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2009-3587",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200910-199",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-41033",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-41033"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002628"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-199"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3587"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588. This vulnerability CVE-2009-3588 Is a different vulnerability.Skillfully crafted by a third party RAR Service disruption via archive files (DoS) Could be put into a state or execute arbitrary code. Multiple Computer Associates products are prone to memory-corruption vulnerabilities that affect the Anti-Virus engine. \nAn attacker can exploit these issues to execute arbitrary code in the context of the affected applications or cause denial-of-service conditions. \nThe issues affect the Anti-Virus engine with versions prior to \u0027arclib\u0027 8.1.4.0. Computer Associates is the world\u0027s leading security vendor, products include a variety of anti-virus software and backup recovery systems. \nCA20091008-01: Security Notice for CA Anti-Virus Engine\n\n\nIssued: October 8, 2009\n\n\nCA\u0027s support is alerting customers to multiple security risks \nassociated with CA Anti-Virus Engine.  Vulnerabilities exist in \nthe arclib component that can allow a remote attacker to cause a \ndenial of service, or to cause heap corruption and potentially \nfurther compromise a system.  CA has issued fixes to address the \nvulnerabilities.  An attacker can create a \nmalformed RAR archive file that results in heap corruption and \nallows the attacker to cause a denial of service or possibly \nfurther compromise the system.  An attacker can create a \nmalformed RAR archive file that results in stack corruption and \nallows the attacker to cause a denial of service. \n\n\nRisk Rating\n\nMedium\n\n\nPlatform\n\nWindows\nUNIX\nLinux\nSolaris\nMac OS X\nNetware\n\n\nAffected Products\n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8.1\nCA Anti-Virus 2007 (v8)\nCA Anti-Virus 2008\nCA Anti-Virus 2009\nCA Anti-Virus Plus 2009\neTrust EZ Antivirus r7.1\nCA Internet Security Suite 2007 (v3)\nCA Internet Security Suite 2008\nCA Internet Security Suite Plus 2008\nCA Internet Security Suite Plus 2009\nCA Threat Manager for the Enterprise (formerly eTrust Integrated \n   Threat Management) r8\nCA Threat Manager for the Enterprise (formerly eTrust Integrated \n   Threat Management) 8.1\nCA Threat Manager Total Defense\nCA Gateway Security r8.1\nCA Protection Suites r2\nCA Protection Suites r3\nCA Protection Suites r3.1\nCA Secure Content Manager (formerly eTrust Secure Content \n   Manager) 1.1\nCA Secure Content Manager (formerly eTrust Secure Content \n   Manager) 8.0\nCA Network and Systems Management (NSM) (formerly Unicenter \n   Network and Systems Management) r3.0\nCA Network and Systems Management (NSM) (formerly Unicenter \n   Network and Systems Management) r3.1\nCA Network and Systems Management (NSM) (formerly Unicenter \n   Network and Systems Management) r11\nCA Network and Systems Management (NSM) (formerly Unicenter \n   Network and Systems Management) r11.1\nCA ARCserve Backup r11.5 on Windows\nCA ARCserve Backup r12 on Windows\nCA ARCserve Backup r12.0 SP1 on Windows\nCA ARCserve Backup r12.0 SP 2 on Windows\nCA ARCserve Backup r12.5 on Windows\nCA ARCserve Backup r11.1 Linux\nCA ARCserve Backup r11.5 Linux\nCA ARCserve for Windows Client Agent\nCA ARCserve for Windows Server component\nCA eTrust Intrusion Detection 2.0 SP1\nCA eTrust Intrusion Detection 3.0\nCA eTrust Intrusion Detection 3.0 SP1\nCA Common Services (CCS) r3.1\nCA Common Services (CCS) r11\nCA Common Services (CCS) r11.1\nCA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)\nCA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1\n\n\nNon-Affected Products\n\nCA Anti-Virus engine with arclib version 8.1.4.0 or later \ninstalled\n\n\nHow to determine if the installation is affected\n\nFor products on Windows:\n\n1. Using Windows Explorer, locate the file \"arclib.dll\".  By \n   default, the file is located in the \n   \"C:\\Program Files\\CA\\SharedComponents\\ScanEngine\" directory (*). \n2. Right click on the file and select Properties. \n3. Select the Version tab. \n4. If the file version is earlier than indicated below, the \n   installation is vulnerable. \n\n      File Name     File Version\n      arclib.dll    8.1.4.0\n\n*For eTrust Intrusion Detection 2.0, the file is located in \n\"Program Files\\eTrust\\Intrusion Detection\\Common\", and for eTrust \nIntrusion Detection 3.0 and 3.0 sp1, the file is located in \n\"Program Files\\CA\\Intrusion Detection\\Common\". \n\nFor CA Anti-Virus r8.1 on non-Windows platforms:\n\nUse the compver utility provided on the CD to determine the \nversion of Arclib.  If the version is less than 8.1.4.0, the \ninstallation is vulnerable. \n\nExample compver utility output:\n\n      ------------------------------------------------\n      COMPONENT NAME VERSION\n      ------------------------------------------------\n      eTrust Antivirus Arclib Archive Library 8.1.4.0\n      ... (followed by other components)\n                                       \n\nFor reference, the following are file names for arclib on \nnon-Windows operating systems:\n\n      Operating System     File name\n      Solaris              libarclib.so\n      Linux                libarclib.so\n      Mac OS X             arclib.bundle\n\n\nSolution\n\nCA released arclib 8.1.4.0 on August 12 2009.  If your product is \nconfigured for automatic updates, you should already be protected, \nand you need to take no action.  If your product is not configured \nfor automatic updates, then you simply need to run the update \nutility included with your product. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r3.0: apply fix # RO11964. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r3.1: apply fix # RO11964. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r11: apply fix # RO11964. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r11.1: apply fix # RO11964. \n\nCA Common Services (CCS) r3.1: apply fix # RO11954. \n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 \n32bit: apply fix # RO10663. \n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 \nIA64: apply fix # RO10664. \n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 \nAMD64: apply fix # RO10665. \n\nCA Secure Content Manager (formerly eTrust Secure Content Manager) \nr1.1: apply fix # RO10999. \n\nCA Secure Content Manager (formerly eTrust Secure Content Manager) \nr8.0: apply fix # RO10999. \n\nCA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1: \napply fix # RO11000. \n\nCA Gateway Security r8.1: RO10999. \n\nCA ARCserve for Windows Server component installed on a 64 bit \nmachine: apply fixes # RO10663 and RO10664 (IA64) or RO10665 \n(AMD64). \n\nCA ARCserve for Windows Server component installed on a 32 bit \nmachine: apply fix # RO10663. \n\nCA ARCserve for Windows Client Agent installed on a 64 bit \nmachine: apply fix # RO10664 (IA64) or RO10665 (AMD64). \n\nCA ARCserve for Windows Client Agent installed on a 32 bit \nmachine: apply fix # RO10663. \n\nCA ARCserve for Linux Server r11.5: apply fix # RO10729. \n\nCA ARCserve for Linux:\n\n1. Download RO10729.tar.Z from RO10729 into a temporary location \n   /tmp/RO10729\n\n2. Uncompress and untar RO10729.tar.Z as follows:\n   uncompress RO10729.tar.Z\n   tar -xvf RO10729.tar\n   The new \"libarclib.so\" will be extracted to /tmp/RO10729\n\n3. Change the directory to $CAIGLBL0000/ino/config as follows:\n   cd $CAIGLBL0000/ino/config\n\n4. Rename \"libarclib.so\" to \"libarclib.so.RO10729\" as follows:\n   mv libarclib.so libarclib.so.RO10729\n\n5. Copy the new libarclib.so as follows:\n   cp /tmp/RO10729/libarclib.so $CAIGLBL0000/ino/config/\n\n6. chmod +x $CAIGLBL0000/ino/config/libarclib.so\n\n7. Stop the common agent (caagent stop)\n\n8. Change the directory to ARCserve common agent directory \n   (typically /opt/CA/BABcmagt)\n   cd /opt/CA/BABcmagt\n   Note: To find out the agent home directory run the following \n   command:\n   dirname \u0027ls -l /usr/bin/caagent |cut -f2 -d\"\u003e\"\u0027\n\n9. Save a copy of libarclib.so\n   cp -p libarclib.so libarclib.so.RO10729\n\n10. Copy over the new libarclib.so as follows:\n   cp $/tmp/RO10729/libarclib.so. \n\n11. Start the common agent (caagent start)\n\n12. Repeat steps (7-11) on all remote Linux client agents\u0027 \n   installations. \n\n13. rm -rf /tmp/RO10729\n\n\nWorkaround\n\nDo not open email attachments or download files from untrusted \nsources. \n\n\nIf additional information is required, please contact CA Support \nat http://support.ca.com/. \n\n\nIf you discover a vulnerability in CA products, please report your \nfindings to the CA Product Vulnerability Response Team. \nsupport.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782\n\n\nRegards,\nKen Williams, Director ; 0xE2941985\nCA Product Vulnerability Response Team\n\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2009 CA. All rights reserved. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management)  \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Anti-Virus Engine RAR Processing Two Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA36976\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/36976/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in multiple CA products, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService) or to potentially compromise a vulnerable system. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nPlease see the vendor\u0027s advisory for detailed instructions on\napplying patches. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Thierry Zoller. \n\nORIGINAL ADVISORY:\nCA20091008-01:\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Background\n~~~~~~~~~~~~~\nQuote: \n\"CA is one of the world\u0027s largest IT management software providers. \nWe serve more than 99% of Fortune 1000 companies, as well as government \nentities, educational institutions and thousands of other companies \nin diverse industries worldwide\" \n\n\"CA Anti-Virus for the Enterprise is the next generation in comprehensive \nanti-virus security for business PCs, servers and PDAs. It combines \nproactive protection against malware with new, powerful management \nfeatures that stop and remove malicious code before it enters your \nnetwork, reducing system downtime\"\n\n\nII. \n\nAttacker has control over EBX :\n\nBasic Block:\n    6e4305b0 mov cl,byte ptr [ebx]\n       Tainted Input Operands: ebx\n    6e4305b2 add edi,28h\n    6e4305b5 push edi\n    6e4305b6 lea edx,[esp+14h]\n    6e4305ba mov byte ptr [esp+14h],cl\n       Tainted Input Operands: cl\n    6e4305be inc ebx\n       Tainted Input Operands: ebx\n    6e4305bf push edx\n    6e4305c0 mov ecx,esi\n    6e4305c2 mov dword ptr [esp+1ch],ebx\n       Tainted Input Operands: ebx\n    6e4305c6 call arclib!arctkopenarchive+0x283a0 (6e42f9f0)\n        \n        \n\nIII. \nDue to the nature of Anti-virus products, the attack vectors can be near endless. An attack\ncould be done over the way of an E-mail message carrying an RAR attachment (of a file\nrecognised as being RAR), USB, CD, Network data etc. \n\nPlease note that this is a general problem and not exclusive to Computer Associates. \n\n\nIV. Disclosure timeline\n~~~~~~~~~~~~~~~~~~~~~~~~~\nDD.MM.YYYY\n11.05.2009 - Reported CVE-2009-3587 \n03.06.2009 - Reported CVE-2009-3588\n09.10.2009 - CA releases advisory\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878\n13.10.2009 - G-SEC releases advisory\n\n\n\n\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-3587"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002628"
      },
      {
        "db": "BID",
        "id": "36653"
      },
      {
        "db": "VULHUB",
        "id": "VHN-41033"
      },
      {
        "db": "PACKETSTORM",
        "id": "81918"
      },
      {
        "db": "PACKETSTORM",
        "id": "81885"
      },
      {
        "db": "PACKETSTORM",
        "id": "81986"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2009-3587",
        "trust": 3.0
      },
      {
        "db": "BID",
        "id": "36653",
        "trust": 2.8
      },
      {
        "db": "SECUNIA",
        "id": "36976",
        "trust": 2.6
      },
      {
        "db": "OSVDB",
        "id": "58691",
        "trust": 2.5
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-2852",
        "trust": 2.5
      },
      {
        "db": "SECTRACK",
        "id": "1022999",
        "trust": 2.5
      },
      {
        "db": "XF",
        "id": "53697",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002628",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-199",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "81918",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "81986",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-41033",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "81885",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-41033"
      },
      {
        "db": "BID",
        "id": "36653"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002628"
      },
      {
        "db": "PACKETSTORM",
        "id": "81918"
      },
      {
        "db": "PACKETSTORM",
        "id": "81885"
      },
      {
        "db": "PACKETSTORM",
        "id": "81986"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-199"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3587"
      }
    ]
  },
  "id": "VAR-200910-0352",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-41033"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-05-18T22:06:25.543000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "218878",
        "trust": 0.8,
        "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=218878"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002628"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-3587"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/36653"
      },
      {
        "trust": 2.5,
        "url": "http://osvdb.org/58691"
      },
      {
        "trust": 2.5,
        "url": "http://www.securitytracker.com/id?1022999"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/36976"
      },
      {
        "trust": 2.5,
        "url": "http://www.vupen.com/english/advisories/2009/2852"
      },
      {
        "trust": 2.2,
        "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=218878"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
      },
      {
        "trust": 1.7,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3587"
      },
      {
        "trust": 0.8,
        "url": "http://xforce.iss.net/xforce/xfdb/53697"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3587"
      },
      {
        "trust": 0.4,
        "url": "http://blog.g-sec.lu/2009/10/computer-associates-multiple-products.html"
      },
      {
        "trust": 0.4,
        "url": "http://www.ca.com"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/507101"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/507068"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3588"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3587"
      },
      {
        "trust": 0.1,
        "url": "http://support.ca.com/."
      },
      {
        "trust": 0.1,
        "url": "https://www.g-sec.lu"
      },
      {
        "trust": 0.1,
        "url": "http://www.ca.com/us/contact/"
      },
      {
        "trust": 0.1,
        "url": "http://www.ca.com/us/legal/"
      },
      {
        "trust": 0.1,
        "url": "http://www.ca.com/us/privacy/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/36976/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/business_solutions/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-41033"
      },
      {
        "db": "BID",
        "id": "36653"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002628"
      },
      {
        "db": "PACKETSTORM",
        "id": "81918"
      },
      {
        "db": "PACKETSTORM",
        "id": "81885"
      },
      {
        "db": "PACKETSTORM",
        "id": "81986"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-199"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3587"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-41033"
      },
      {
        "db": "BID",
        "id": "36653"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002628"
      },
      {
        "db": "PACKETSTORM",
        "id": "81918"
      },
      {
        "db": "PACKETSTORM",
        "id": "81885"
      },
      {
        "db": "PACKETSTORM",
        "id": "81986"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-199"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3587"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-10-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-41033"
      },
      {
        "date": "2009-10-09T00:00:00",
        "db": "BID",
        "id": "36653"
      },
      {
        "date": "2010-12-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-002628"
      },
      {
        "date": "2009-10-12T20:41:50",
        "db": "PACKETSTORM",
        "id": "81918"
      },
      {
        "date": "2009-10-12T11:21:41",
        "db": "PACKETSTORM",
        "id": "81885"
      },
      {
        "date": "2009-10-14T23:09:22",
        "db": "PACKETSTORM",
        "id": "81986"
      },
      {
        "date": "2009-10-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200910-199"
      },
      {
        "date": "2009-10-13T10:30:00.610000",
        "db": "NVD",
        "id": "CVE-2009-3587"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-11-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-41033"
      },
      {
        "date": "2009-10-13T15:38:00",
        "db": "BID",
        "id": "36653"
      },
      {
        "date": "2010-12-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-002628"
      },
      {
        "date": "2021-04-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200910-199"
      },
      {
        "date": "2024-05-17T17:25:39.707000",
        "db": "NVD",
        "id": "CVE-2009-3587"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "81918"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-199"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  CA Product  Anti-Virus In the engine  arclib Vulnerability in arbitrary code execution in components",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002628"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-199"
      }
    ],
    "trust": 0.6
  }
}

CVE-2009-3587

Vulnerability from fkie_nvd

Published

2009-10-13 10:30

Modified

2024-11-21 01:07

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://osvdb.org/58691	Broken Link
cve@mitre.org	http://secunia.com/advisories/36976	Third Party Advisory
cve@mitre.org	http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878	Broken Link, Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/archive/1/507068/100/0/threaded	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securityfocus.com/bid/36653	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id?1022999	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.vupen.com/english/advisories/2009/2852	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/53697	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/58691	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36976	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878	Broken Link, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/507068/100/0/threaded	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/36653	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1022999	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/2852	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/53697	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
broadcom	anti-virus	2007
broadcom	anti-virus	2008
broadcom	anti-virus_for_the_enterprise	7.1
broadcom	anti-virus_for_the_enterprise	r8
broadcom	anti-virus_sdk	*
broadcom	common_services	11
broadcom	common_services	11.1
broadcom	etrust_antivirus	7.1
broadcom	etrust_antivirus	8
broadcom	etrust_antivirus	8.1
broadcom	etrust_integrated_threat_management	8.1
broadcom	etrust_intrusion_detection	3.0
broadcom	etrust_secure_content_manager	1.1
broadcom	internet_security_suite	*
broadcom	internet_security_suite	3.0
broadcom	network_and_systems_management	r3.0
broadcom	network_and_systems_management	r3.1
broadcom	network_and_systems_management	r11
broadcom	network_and_systems_management	r11.1
broadcom	secure_content_manager	1.1
broadcom	secure_content_manager	8.0
broadcom	unicenter_network_and_systems_management	3.0
broadcom	unicenter_network_and_systems_management	3.1
broadcom	unicenter_network_and_systems_management	11
broadcom	unicenter_network_and_systems_management	11.1
ca	anti-virus	2009
ca	anti-virus_for_the_enterprise	r8.1
ca	anti-virus_gateway	7.1
ca	anti-virus_plus	2009
ca	arcserve_backup	r11.5
ca	arcserve_for_windows_client_agent	*
ca	arcserve_for_windows_server_component	*
ca	common_services	3.1
ca	etrust_anti-virus_gateway	7.1
ca	etrust_anti-virus_sdk	*
ca	etrust_ez_antivirus	r7.1
ca	etrust_intrusion_detection	2.0
ca	etrust_intrusion_detection	3.0
ca	etrust_secure_content_manager	8.0
ca	gateway_security	r8.1
ca	internet_security_suite_2008	*
ca	internet_security_suite_plus_2008	*
ca	internet_security_suite_plus_2009	*
ca	protection_suites	r2
ca	protection_suites	r3
ca	protection_suites	r3.1
ca	threat_manager	8.1
ca	threat_manager	r8
ca	threat_manager_total_defense	*
ca	arcserve_backup	r11.1
ca	arcserve_backup	r11.5
linux	linux_kernel	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus:2007:8:*:*:*:*:*:*",
              "matchCriteriaId": "C469EBBE-EE96-4CED-BD8C-36461750C6A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C5E892B-0EE8-4B76-97B8-0BAF17E83F49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "607CCBDA-7288-4496-A7ED-EF6DED40CA21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:r8:*:*:*:*:*:*:*",
              "matchCriteriaId": "11BCD267-E8CE-4A97-B769-5F4CAF9830D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:anti-virus_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "865B7BD2-3AD1-41CA-842B-47BC4F1426DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:common_services:11:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E2FA702-184A-44FF-8DEA-7811804EE175",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:common_services:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D301B65D-A20B-4991-A0D8-DFE3363F162B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A08C715-A351-466D-99EC-006C106A3366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_antivirus:8:*:*:*:*:*:*:*",
              "matchCriteriaId": "05185A74-8484-419D-A3CE-8603928AF0DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_antivirus:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52C533CA-ACB7-4C0F-98E2-B5E51E24A554",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FD8D5F0-9606-4BBA-B7F9-ACD089B84DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DDF2EE3-753B-4C7E-84EF-144FA5986A21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "69184A5E-4FA9-4896-B6E8-1B9D4D62D099",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:internet_security_suite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F30C4FF9-DB76-4B3F-9582-752097B3D521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "285013A5-E058-4B2B-B8B6-1BFF72388589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF55705-42ED-4503-8534-FDEA365E84E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB548763-E1A7-4DB1-BE86-ED5AA1CA81BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B28429A-F343-4BE8-A94D-5A5AC3F6258C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF64064-1C35-4888-BBC2-52F68EF9517F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:secure_content_manager:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DADD1E6-3454-4C1E-AD46-82D79CB8F528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:secure_content_manager:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E02DA21-B25B-4626-BFDC-61AA8AF3537E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE9C8A1C-0A55-4CA5-9BB6-2D03EFCFE699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EFA39E3-A614-4A64-B29C-86D6F12F1557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B4434A4-EE82-46A1-9293-345991515369",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "43CD3B48-C978-4FDB-B157-85F3E971446B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:anti-virus:2009:*:*:*:*:*:*:*",
              "matchCriteriaId": "6050CADE-7BAF-45B7-A031-F70558C7CE44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:anti-virus_for_the_enterprise:r8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0186ADA-0E20-4E14-B9D5-19CDFC1BD98F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:anti-virus_gateway:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD75FF0F-A36C-40AF-A99E-1596A6A6FE2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:anti-virus_plus:2009:*:*:*:*:*:*:*",
              "matchCriteriaId": "BED8CEF9-6AEC-4771-98F7-051E4B3E0848",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8275AC1-81C5-4D9F-A61B-1A908BDDE0F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:arcserve_for_windows_client_agent:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5603FDAD-A347-4A44-BC45-1ADC44601D65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:arcserve_for_windows_server_component:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5086D7CF-EBAB-4E30-98E0-0D276CC1C707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:common_services:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FAD043E-3ABE-46D7-AD17-A68858692A7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_anti-virus_gateway:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C13B0E1-DCEE-46E5-81A3-C08C07C58B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_anti-virus_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "257CC950-F1BB-4D0A-9B05-98A58DB67532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_ez_antivirus:r7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0A641A2-4147-4C41-B102-18417ECA9339",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_intrusion_detection:2.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "29FEABEE-DC17-4620-B088-B24249865931",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "D10B864B-AA39-4702-A42B-F33BAF2D8059",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB54A16-5E56-46FC-A49C-56C98C0B8F1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:gateway_security:r8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B44F941C-83DC-4EDA-B258-C35F5EDA819E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:internet_security_suite_2008:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0281F80B-CF9C-482D-B7A9-3B2651BD0567",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:internet_security_suite_plus_2008:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33F7E184-EA23-487C-83ED-65CF8DD2DB18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:internet_security_suite_plus_2009:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "951062B1-C72B-4EAF-BA54-6986434036FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*",
              "matchCriteriaId": "47C10BA4-B241-4F65-8FA1-AD88266C03B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*",
              "matchCriteriaId": "253A8082-9AE4-4049-A1D0-B7ACB5C2E8D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:protection_suites:r3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC845898-3D77-4793-971E-5E1555ED9CDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:threat_manager:8.1:*:enterprise:*:*:*:*:*",
              "matchCriteriaId": "0115D81C-2CA2-424C-BE4B-0896C9ADA68E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:threat_manager:r8:*:enterprise:*:*:*:*:*",
              "matchCriteriaId": "A38801CD-167E-408E-89BD-52BB1B89041B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:threat_manager_total_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6AEE8BC-8D0E-464F-88B7-5C2C2D372AFA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ca:arcserve_backup:r11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8713893-59CE-486A-9262-E755A8F2D58C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8275AC1-81C5-4D9F-A61B-1A908BDDE0F7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el componente arclib en el motor Anti-Virus en CA Anti-Virus para Enterprise (formalmente eTrust Antivirus) v7.1 hasta v8.1; Anti-Virus 2007 (v8) hasta 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) hasta Plus 2009; y otros productos CA permite a atacantes remotos causar una denegaci\u00f3n de servicio y ejecutar probablemente c\u00f3digo de su elecci\u00f3n a trav\u00e9s del archivo RAR manipulado que provoca una corrupci\u00f3n de la memoria din\u00e1mica, una vulnerabilidad diferente que CVE-2009-3588."
    }
  ],
  "id": "CVE-2009-3587",
  "lastModified": "2024-11-21T01:07:44.420",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-10-13T10:30:00.610",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/58691"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/36976"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/36653"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1022999"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2852"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/58691"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/36976"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/36653"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1022999"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-q64c-hf5x-986j

Vulnerability from github

Published

2022-05-02 03:46

Modified

2022-05-02 03:46

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-3587"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-10-13T10:30:00Z",
    "severity": "HIGH"
  },
  "details": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588.",
  "id": "GHSA-q64c-hf5x-986j",
  "modified": "2022-05-02T03:46:46Z",
  "published": "2022-05-02T03:46:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3587"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/58691"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36976"
    },
    {
      "type": "WEB",
      "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/36653"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1022999"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/2852"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2009-3587

Vulnerability from cvelistv5

gsd-2009-3587

Vulnerability from gsd

var-200910-0352

Vulnerability from variot

CVE-2009-3587

Vulnerability from fkie_nvd

ghsa-q64c-hf5x-986j

Vulnerability from github

Tags

Sightings

Nomenclature