Lucene search
SAINT CorporationSAINT:EF8B495EDB655777167BAB3F8CBF1A4FHistoryJun 07, 2007 - 12:00 a.m.
CA Antivirus engine CAB handling buffer overflow
2007-06-0700:00:00
SAINT Corporation
www.saintcorporation.com
6
0.955 High
EPSS
Percentile
99.2%
Added: 06/07/2007
CVE: CVE-2007-2864
BID: 24330
OSVDB: 35245
Background
The CA Antivirus engine is included in multiple CA products.
Problem
A buffer overflow vulnerability in the CA Antivirus engine allows command execution when a CAB file containing a specially crafted “coffFiles” field is scanned.
Resolution
Apply content update 30.6 as described in the CA Security Notice.
References
<http://www.zerodayinitiative.com/advisories/ZDI-07-035.html>
Limitations
Exploit works on CA eTrust Antivirus 8.1.637 and requires a user to download and open the exploit file.
Platforms
Windows
Related
packetstorm
packetstorm
CA Antivirus Engine CAB Buffer Overflow
2009-11-26 00:00:00
saint
saint
CA Antivirus engine CAB handling buffer overflow
2007-06-07 00:00:00
CA Antivirus engine CAB handling buffer overflow
2007-06-07 00:00:00
CA Antivirus engine CAB handling buffer overflow
2007-06-07 00:00:00
securityvulns
securityvulns
ZDI-07-035: CA Multiple Product AV Engine CAB Header Parsing Stack Overflow Vulnerability
2007-06-06 00:00:00
[CAID 35395, 35396]: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities
2007-06-11 00:00:00
CA multiple antiviral products buffer overflow
2007-06-11 00:00:00
cve
cve
CVE-2007-2864
2007-06-06 21:30:00
prion
prion
Stack overflow
2007-06-06 21:30:00
zdi
zdi
cert
cert
checkpoint_advisories
checkpoint_advisories
checkpoint_security
checkpoint_security