[email protected]CVE-2009-0042

HistoryJan 28, 2009 - 1:30 a.m.

CVE-2009-0042

2009-01-2801:30:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2009-0042

arclib library

vulnerabilities

ca anti-virus

bypass virus detection

nvd

6.8 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.041 Low

EPSS

Percentile

92.1%

JSON

Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file.

CPENameOperatorVersion
ca:threat_manager_for_the_enterpriseca threat manager for the enterpriseeqr8
ca:arcserve_backupca arcserve backupeqr11.5_nil_
ca:etrust_intrusion_detectionca etrust intrusion detectioneq2.0
ca:arcserve_backupca arcserve backupeqr11.1
ca:protection_suitesca protection suiteseqr3
ca:internet_security_suite_2008ca internet security suite 2008eq*
ca:etrust_intrusion_detectionca etrust intrusion detectioneq3.0
ca:protection_suitesca protection suiteseqr3.1
ca:arcserve_backupca arcserve backupeqr12.0_nil_
ca:internet_security_suite_2007ca internet security suite 2007eq3

CPE	Name	Operator	Version
ca:threat_manager_for_the_enterprise	ca threat manager for the enterprise	eq	r8
ca:arcserve_backup	ca arcserve backup	eq	r11.5_nil_
ca:etrust_intrusion_detection	ca etrust intrusion detection	eq	2.0
ca:arcserve_backup	ca arcserve backup	eq	r11.1
ca:protection_suites	ca protection suites	eq	r3
ca:internet_security_suite_2008	ca internet security suite 2008	eq	*
ca:etrust_intrusion_detection	ca etrust intrusion detection	eq	3.0
ca:protection_suites	ca protection suites	eq	r3.1
ca:arcserve_backup	ca arcserve backup	eq	r12.0_nil_
ca:internet_security_suite_2007	ca internet security suite 2007	eq	3

Rows per page:

1-10 of 371

References

community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca20090126-01-ca-anti-virus-engine-detection-evasion-multiple-vulnerabilities.aspx

support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601

www.securityfocus.com/archive/1/500417/100/0/threaded

www.securityfocus.com/bid/33464

www.securitytracker.com/id?1021639

www.vupen.com/english/advisories/2009/0270

exchange.xforce.ibmcloud.com/vulnerabilities/48261

Social References

6.8 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.041 Low

EPSS

Percentile

92.1%

JSON

Related for CVE-2009-0042

securityvulns2 nessus1 prion1 cvelist1 openvas7