CA杀毒引擎arclib库多个内存破坏漏洞

2009-10-12T00:00:00
ID SSV:12457
Type seebug
Reporter Root
Modified 2009-10-12T00:00:00

Description

BUGTRAQ ID: 36653 CVE ID: CVE-2009-3587,CVE-2009-3588

Computer Associates是世界领先的安全厂商,产品包括多种杀毒软件及备份恢复系统。

多个CA产品杀毒引擎所使用的arclib组件在解析畸形RAR压缩文件时存在堆或栈内存破坏,用户受骗打开恶意文件就会导致拒绝服务或执行任意指令。

Computer Associates eTrust Intrusion Detection 3.0 SP1 Computer Associates eTrust Intrusion Detection 3.0 Computer Associates eTrust Intrusion Detection 2.0 SP1 Computer Associates Common Services r3.1 Computer Associates Common Services r11.1 Computer Associates Common Services r11 Computer Associates Anti-Virus Plus 2009 Computer Associates Anti-Virus for the Enterprise r8.1 Computer Associates Anti-Virus for the Enterprise r8 Computer Associates Anti-Virus for the Enterprise 7.1 Computer Associates Anti-Virus 2009 Computer Associates Anti-Virus 2008 Computer Associates Anti-Virus 2007 (v8) Computer Associates Internet Security Suite Plus 2009 Computer Associates Internet Security Suite Plus 2008 Computer Associates Internet Security Suite 2008 Computer Associates Internet Security Suite 2007 v3.0 Computer Associates Protection Suites 3.1 Computer Associates Protection Suites 3 Computer Associates Protection Suites 2 Computer Associates Threat Manager for the Enterprise r8.1 Computer Associates Threat Manager for the Enterprise r8 Computer Associates Secure Content Manager 8.0 Computer Associates Secure Content Manager 1.1 Computer Associates ARCserve Backup r12.0 SP2 Computer Associates ARCserve Backup r12.0 SP1 Computer Associates ARCserve Backup r12.0 Computer Associates ARCserve Backup r11.5 Computer Associates ARCserve Backup r11.1 Computer Associates Gateway Security r8.1 Computer Associates NSM 3.1 Computer Associates NSM 3.0 Computer Associates NSM 11.1 Computer Associates NSM 11 Computer Associates Anti-Virus Gateway 7.1 厂商补丁:

Computer Associates

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.cai.com/