Vulnerability CVE-2007-2864


Published: 2007-06-06   Modified: 2012-02-12

Description:
Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.

Type:

CWE-Other

Vendor: CA
Product: Protection suites 
Version: r3; r2;
Product: Brightstor arcserve backup 
Version:
9.01
11.5
11.1
11
10.5
Product: Etrust antivirus 
Version: 8.1; 8.0;
Product: Etrust secure content manager 
Version: 8.0;
Product: Integrated threat management 
Version: 8.0;
Product: Anti-virus for the enterprise 
Version: 8;
Product: Etrust antivirus gateway 
Version: 7.1;
Product: Etrust ez antivirus 
Version: 7.0; 6.1;
Product: Unicenter network and systems management 
Version:
3.1
3.0
11.1
11
Product: Etrust ez armor 
Version:
3.1
3.0
2.0
1.0
Product: Internet security suite 
Version:
3.0
2.0
1.0
Product: Common services 
Version:
3.0
2.2
2.1
2.0
1.1
1.0
Product: Etrust antivirus sdk 

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9.3/10
10/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp
http://www.kb.cert.org/vuls/id/105105
http://www.securityfocus.com/archive/1/470602/100/0/threaded
http://www.securityfocus.com/archive/1/470754/100/0/threaded
http://www.securityfocus.com/bid/24330
http://www.securitytracker.com/id?1018199
http://www.vupen.com/english/advisories/2007/2072
http://www.zerodayinitiative.com/advisories/ZDI-07-035.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/34737

Related CVE
CVE-2019-7392
An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration.
CVE-2018-19635
CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to escalate privileges in the user interface.
CVE-2018-19634
CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to access survey information.
CVE-2018-13826
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks.
CVE-2018-13825
Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks.
CVE-2018-13824
Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute SQL injection attacks.
CVE-2018-13823
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to access sensitive information.
CVE-2018-13822
Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information.

Copyright 2019, cxsecurity.com

 

Back to Top