16 matches found
CVE-2009-3588
CVE-2009-3588 (and 3587) describe a DoS vulnerability in CA’s arclib component used by CA Anti-Virus for Enterprise and related CA products. A crafted RAR archive can trigger stack corruption (CVE-3588) and heap corruption (CVE-3587); CVE-3587 also notes possible arbitrary-code execution. Affecte...
CVE-2009-3587
CA ARclib DoS vulnerabilities (CVE-2009-3587/3588) affect CA Anti-Virus for the Enterprise and related CA products; exploitation via crafted RAR archives can trigger heap or stack corruption and may lead to denial of service and possibly arbitrary code execution. Affected products listed include ...
CVE-2007-2864
CVE-2007-2864 describes a stack-based buffer overflow in the Computer Associates (CA) Anti-Virus engine when processing CAB archives. The vulnerability exists in the CAB file handling prior to content update 30.6, allowing a remote attacker to execute arbitrary code by delivering a specially craf...
CVE-2004-0935
CVE-2004-0935 affects Eset Anti-Virus prior to 1.020. A ZIP archive with both local and global headers set to zero could bypass antivirus protection and allow a malicious file to be opened on the target system. PoC/proofs of concept code and advisories (e.g., iDEFENSE CAN references) document det...
CVE-2004-0936
CVE-2004-0936 refers to a ZIP header manipulation vulnerability affecting anti-virus engines (notably RAV) where both local and global ZIP headers can be set to zero, allowing a compressed file to bypass protection and still be opened. The connected sources describe a proof-of-concept and public ...
CVE-2004-0937
CVE-2004-0937 affects Sophos Anti-Virus prior to 3.87.0 and Sophos Anti-Virus for Windows 95/98/Me prior to 3.88.0. The issue allows remote attackers to bypass antivirus protection by delivering a ZIP archive whose local and global headers are set to zero, yet the archive can still be opened on t...
CVE-2004-0933
CVE-2004-0933 affects Computer Associates CA InoculateIT 6.0, eTrust Antivirus (r6.0–r7.1), eTrust Antivirus for the Gateway (r7.0–r7.1), eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor (2.0–2.4), and EZ-Antivirus (6.1–6.3). The issue is a ZIP header handling flaw that lets re...
CVE-2004-0932
The CVE-2004-0932 issue affects McAfee Anti-Virus Engine DATS drivers before 4398 (and the DATS Driver before 4397). A crafted ZIP archive with both local and global headers set to zero can bypass antivirus protection and still be opened on the target system. This is a remote-exploitation-style b...
CVE-2004-0934
CVE-2004-0934 affects Kaspersky antivirus engines 3.x through 4.x. The connected material shows a ZIP archive header manipulation vulnerability where both the local and global headers can be set to zero, allowing the compressed file to be opened while bypassing protection. A PoC exists in ZIP han...
CVE-2004-1096
Archive::Zip (Perl) before 1.14 is affected; antivirus tools like amavisd-new can bypass protection by processing a ZIP with both local and global headers zeroed. The description notes the issue but does not specify fixed versions or patches in the provided sources. No exploitation details are gi...
CVE-2005-1693
CVE-2005-1693 involves an integer overflow in the Computer Associates Vet Antivirus library used by CA InoculateIT 6.0, eTrust Antivirus (r6.0–7.1), eTrust Antivirus for the Gateway (r7.0–r7.1), eTrust Secure Content Manager, eTrust Intrusion Detection, BrightStor ARCserve Backup r11.1, Vet Antiv...
CVE-2007-3875
CVE-2007-3875 : A DoS in CA/ eTrust Antivirus products caused by arclib.dll when processing a malformed CHM file. An invalid “previous listing chunk number” in CHM triggers an infinite loop, halting antivirus functionality. Affected CA products include CA Anti-Virus for the Enterprise (formerly e...
CVE-2005-3225
CVE-2005-3225 affects unspecified versions of eTrust-Iris and eTrust-Vet Antivirus. It involves a Multiple interpretation error in processing a malicious executable inside a specially crafted RAR file with malformed central and local headers, which can bypass virus detection and appear as valid t...
CVE-2006-3223
The CVE-2006-3223 issue affects CA ITM, eTrust Antivirus (eAV), and eTrust PestPatrol (ePP) version 8.0. It is a format string vulnerability in the scan job description field that can crash the process and potentially execute arbitrary code. The vulnerability arises from improper handling of form...
CVE-2005-3372
The CVE-2005-3372 entry concerns eTrust CA 7.0.1.4 (11.9.1 engine). The vulnerability arises from a magic byte bug: files with an unsuspecting extension (e.g., BAT, HTML, EML) containing an MZ EXE-like signature are treated as safe types but can still execute as dangerous content. This bypasses v...
CVE-2006-6496
CA vulnerability CVE-2006-6496 affects CA Anti-Virus 2007 v8.1, CA Anti-Virus for Vista Beta 8.2, and CA Internet Security Suite 2007 v3.0, due to improper handling of NULL buffers in VetMONNT.sys and VetFDDNT.sys that allows a local administrator to crash the system via certain IOCTLs. The issue...