CA Multiple Product AV Engine CAB Filename Parsing Stack Overflow Vulnerability

ID ZDI-07-034
Type zdi
Reporter Anonymous
Modified 2007-11-09T00:00:00


This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Computer Associates products.

The specific flaw exists in the parsing of .CAB archives. When a long filename contained in the .CAB is processed by vete.dll, an exploitable stack overflow may occur.
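For reference when reviewing archive parsers for this class of bug, the following added example (not code from the advisory or from the affected products) shows a bounds-checked read of the filename field of a CAB file entry. The advisory does not describe the vulnerable routine. The 16-byte fixed CFFILE fields and the 256-byte name limit come from the public CAB format, and the function names and the sample entry are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CFFILE_FIXED 16   /* cbFile, uoffFolderStart, iFolder, date, time, attribs */
#define CAB_NAME_MAX 256  /* CAB format limit for szName, terminator included */

/* Copy the NUL-terminated szName of the CFFILE entry at `off` into `out`.
 * Returns the name length, or -1 if the entry is truncated, the name is
 * unterminated, exceeds the format limit, or does not fit in `out`. */
int cffile_read_name(const uint8_t *cab, size_t cab_len, size_t off,
                     char *out, size_t out_sz)
{
    if (off > cab_len || cab_len - off < CFFILE_FIXED + 1)
        return -1;                          /* fixed fields missing */
    const uint8_t *name = cab + off + CFFILE_FIXED;
    size_t avail = cab_len - off - CFFILE_FIXED;
    size_t limit = avail < CAB_NAME_MAX ? avail : CAB_NAME_MAX;
    /* Bounded search: never read past the input or the format limit. */
    const uint8_t *nul = memchr(name, 0, limit);
    if (nul == NULL)
        return -1;                          /* overlong or unterminated */
    size_t n = (size_t)(nul - name);
    if (n + 1 > out_sz)
        return -1;                          /* caller's buffer too small */
    memcpy(out, name, n + 1);
    return (int)n;
}

/* Constructed sample: a CFFILE entry whose name is `name_len` filler bytes. */
size_t make_entry(uint8_t *buf, size_t buf_sz, size_t name_len, int terminate)
{
    size_t total = CFFILE_FIXED + name_len + (terminate ? 1 : 0);
    if (total > buf_sz) return 0;
    memset(buf, 0, CFFILE_FIXED);
    memset(buf + CFFILE_FIXED, 'A', name_len);
    if (terminate) buf[CFFILE_FIXED + name_len] = 0;
    return total;
}

int main(void)
{
    uint8_t cab[1024]; char name[64];
    size_t n = make_entry(cab, sizeof cab, 600, 1);
    printf("600-byte name -> %d\n", cffile_read_name(cab, n, 0, name, sizeof name));
    return 0;
}
```

The parser rejects the entry instead of truncating the name, so a malformed archive is not silently scanned under a different filename.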