Vulnerabilities > Broadcom > Internet Security Suite

DATE CVE VULNERABILITY TITLE RISK
2008-08-12 CVE-2008-2926 Improper Input Validation vulnerability in multiple products
The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request.
local
low complexity
broadcom ca CWE-20
7.2
2007-07-26 CVE-2007-3875 arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file.
network
broadcom ca
4.3
2007-06-06 CVE-2007-2864 Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.
network
broadcom ca
critical
9.3
2006-12-13 CVE-2006-6496 Unspecified vulnerability in Broadcom Etrust Antivirus and Internet Security Suite
The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus 2007 8.1, Anti-Virus for Vista Beta 8.2, and CA Internet Security Suite 2007 v3.0 do not properly handle NULL buffers, which allows local users with administrative access to cause a denial of service (system crash) via certain IOCTLs.
local
broadcom
6.6