13 matches found
CVE-2009-0042
CVE-2009-0042 affects the Arclib library (arclib.dll) used by CA Security products. The vulnerability, described across CA Anti-Virus for Enterprise (7.1, r8, r8.1), Anti-Virus 2007 v8 and 2008, Internet Security Suite 2007 v3 and 2008, and other CA products, allows remote attackers to bypass vir...
CVE-2007-2864
CVE-2007-2864 describes a stack-based buffer overflow in the Computer Associates (CA) Anti-Virus engine when processing CAB archives. The vulnerability exists in the CAB file handling prior to content update 30.6, allowing a remote attacker to execute arbitrary code by delivering a specially craf...
CVE-2009-3588
CVE-2009-3588 (and 3587) describe a DoS vulnerability in CA’s arclib component used by CA Anti-Virus for Enterprise and related CA products. A crafted RAR archive can trigger stack corruption (CVE-3588) and heap corruption (CVE-3587); CVE-3587 also notes possible arbitrary-code execution. Affecte...
CVE-2009-3587
CA ARclib DoS vulnerabilities (CVE-2009-3587/3588) affect CA Anti-Virus for the Enterprise and related CA products; exploitation via crafted RAR archives can trigger heap or stack corruption and may lead to denial of service and possibly arbitrary code execution. Affected products listed include ...
CVE-2007-5003
CVE-2007-5003 concerns multiple stack-based buffer overflows in CA BrightStor ARCserve Backup for Laptops and Desktops, affecting r11.0 through r11.5. The vulnerability arises in the rxRPC.dll routines rxrLogin (long username and long password) and GetUserInfo (long username), allowing remote att...
CVE-2007-3875
CVE-2007-3875 : A DoS in CA/ eTrust Antivirus products caused by arclib.dll when processing a malformed CHM file. An invalid “previous listing chunk number” in CHM triggers an infinite loop, halting antivirus functionality. Affected CA products include CA Anti-Virus for the Enterprise (formerly e...
CVE-2006-5171
CVE-2006-5171 is a stack-based buffer overflow in the SUN RPC interface of Mediasvr.exe used by CA Brightstor ARCserve Backup (9.01–11.5), Enterprise Backup 10.5, and CA Protection Suites r2. The flaw allows remote attackers to execute arbitrary code via crafted SUNRPC packets. Related entries (e...
CVE-2007-5006
CA ARCserve Backup for Laptops and Desktops (L&D) versions r11.0–r11.5 are affected by CVE-2007-5006, an authentication-bypass flaw in the LGServer/rxRPC interface over TCP/1900. The vulnerability arises from command handlers that do not verify peer authentication, enabling remote attackers to ad...
CVE-2007-5005
CVE-2007-5005 affects CA ARCserve Backup for Laptops and Desktops, specifically rxRPC.dll in the rxrReceiveFileFromServer function, with r11.0–r11.5 susceptible. The vulnerability arises from directory traversal using a ..\ sequence in the destination filename, allowing a remote attacker to uploa...
CVE-2006-5172
The CVE-2006-5172 entry covers a stack-based buffer overflow in the SUN RPC service (SUNRPC interface) of Mediasvr.exe within CA Brightstor ARCserve Backup 9.01–11.5, CA Enterprise Backup 10.5, and CA Protection Suites r2. The underlying flaw is a buffer overflow triggered by crafted SUNRPC packe...
CVE-2008-3175
CVE-2008-3175 involves an integer/buffer overflow in the LGServer component (rxRPC.dll) of CA ARCserve Backup for Laptops and Desktops. All versions 11.0–11.5 are affected, with the LGServer service vulnerable to a crafted inbound message that can cause a buffer/underflow and allow a remote attac...
CVE-2007-3825
CA Alert Notification Server (alert.exe) is affected by multiple stack-based buffer overflows in its RPC handling, prior to version 8.0.255.0, used across Threat Manager for the Enterprise, Protection Suites, BrightStor ARCserve Backup, and BrightStor Enterprise Backup. The vulnerabilities allow ...
CVE-2007-5004
CVE-2007-5004 affects CA BrightStor ARCserve Backup for Laptops and Desktops (LGServer) r11.0–r11.5. An integer overflow in processing the authentication password (long username and crafted password) could allow a remote attacker to execute arbitrary code. Connected advisories/SAINT notes indicat...