CA Multiple Product AV Engine CAB Filename Parsing Stack Overflow Vulnerability

2007-06-05T00:00:00
ID ZDI-07-034
Type zdi
Reporter Anonymous
Modified 2007-11-09T00:00:00

Description

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Computer Associates products.

The specific flaw exists in the parsing of .CAB archives. When a long filename contained in the .CAB is processed by vete.dll an exploitable stack overflow may occur.