Vulnerabilities > CVE-2009-3588
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587.
Vulnerable Configurations
Nessus
NASL family | Windows |
NASL id | CA_AV_ARCLIB_8140.NASL |
description | The antivirus engine from Computer Associates installed on the remote host is affected by multiple vulnerabilities : - Due to improper handling of certain specially crafted RAR files it may be possible for a remote attacker to trigger a heap overflow or denial of service condition. (CVE-2009-3587) - Due to improper handling of certain specially crafted RAR files it may be possible for a remote attacker to trigger a stack overflow or denial of service condition. (CVE-2009-3588) |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 42105 |
published | 2009-10-13 |
reporter | This script is Copyright (C) 2009-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/42105 |
title | Computer Associates Anti-Virus Engine arclib.dll < 8.1.4.0 Multiple Flaws |
code |
|
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 36653 CVE ID: CVE-2009-3587,CVE-2009-3588 Computer Associates是世界领先的安全厂商,产品包括多种杀毒软件及备份恢复系统。 多个CA产品杀毒引擎所使用的arclib组件在解析畸形RAR压缩文件时存在堆或栈内存破坏,用户受骗打开恶意文件就会导致拒绝服务或执行任意指令。 Computer Associates eTrust Intrusion Detection 3.0 SP1 Computer Associates eTrust Intrusion Detection 3.0 Computer Associates eTrust Intrusion Detection 2.0 SP1 Computer Associates Common Services r3.1 Computer Associates Common Services r11.1 Computer Associates Common Services r11 Computer Associates Anti-Virus Plus 2009 Computer Associates Anti-Virus for the Enterprise r8.1 Computer Associates Anti-Virus for the Enterprise r8 Computer Associates Anti-Virus for the Enterprise 7.1 Computer Associates Anti-Virus 2009 Computer Associates Anti-Virus 2008 Computer Associates Anti-Virus 2007 (v8) Computer Associates Internet Security Suite Plus 2009 Computer Associates Internet Security Suite Plus 2008 Computer Associates Internet Security Suite 2008 Computer Associates Internet Security Suite 2007 v3.0 Computer Associates Protection Suites 3.1 Computer Associates Protection Suites 3 Computer Associates Protection Suites 2 Computer Associates Threat Manager for the Enterprise r8.1 Computer Associates Threat Manager for the Enterprise r8 Computer Associates Secure Content Manager 8.0 Computer Associates Secure Content Manager 1.1 Computer Associates ARCserve Backup r12.0 SP2 Computer Associates ARCserve Backup r12.0 SP1 Computer Associates ARCserve Backup r12.0 Computer Associates ARCserve Backup r11.5 Computer Associates ARCserve Backup r11.1 Computer Associates Gateway Security r8.1 Computer Associates NSM 3.1 Computer Associates NSM 3.0 Computer Associates NSM 11.1 Computer Associates NSM 11 Computer Associates Anti-Virus Gateway 7.1 厂商补丁: Computer Associates ------------------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.cai.com/ |
id | SSV:12457 |
last seen | 2017-11-19 |
modified | 2009-10-12 |
published | 2009-10-12 |
reporter | Root |
title | CA杀毒引擎arclib库多个内存破坏漏洞 |
References
- http://secunia.com/advisories/36976
- http://secunia.com/advisories/36976
- http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878
- http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878
- http://www.securityfocus.com/archive/1/507068/100/0/threaded
- http://www.securityfocus.com/archive/1/507068/100/0/threaded
- http://www.securityfocus.com/bid/36653
- http://www.securityfocus.com/bid/36653
- http://www.securitytracker.com/id?1022999
- http://www.securitytracker.com/id?1022999
- http://www.vupen.com/english/advisories/2009/2852
- http://www.vupen.com/english/advisories/2009/2852
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53698
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53698