Vulnerability CVE-2009-0042


Published: 2009-01-27   Modified: 2012-02-13

Description:
Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file.

See advisories in our WLB2 database:
Topic
Author
Date
High
CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities
Williams, James ...
13.05.2009

Type:

CWE-noinfo

Vendor: CA
Product: Arcserve client agent 
Version: _nil_;
Product: Threat manager for the enterprise 
Version: r8; 8.1;
Product: Anti-virus for the enterprise 
Version:
r8
8.1
7.1
Product: Anti-spyware for the enterprise 
Version: r8; 8.1;
Product: Etrust ez antivirus 
Version: r7; r6.1;
Product: Protection suites 
Version:
r3.1
r3
r2
Product: Network and systems management 
Version:
r3.1
r3.0
r11.1
r11
Product: Arcserve backup 
Version:
r12.0_nil_
r11.5_nil_
r11.1
Product: Secure content manager 
Version: 8.1; 8.0;
Product: Antivirus gateway 
Version: 7.1;
Product: Etrust intrusion detection 
Version:
4.0
3.0
2.0
Product: Internet security suite 2007 
Version: 3;
Product: Anti-virus 
Version: 2008; 2007;
Product: Anti-spyware 
Version: 2008; 2007;
Product: Common services 
Version: 11.1; 11;
Product: Internet security suite 2008 
Product: Anti-virus sdk 
Product: Internet security suite plus 2008 

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca20090126-01-ca-anti-virus-engine-detection-evasion-multiple-vulnerabilities.aspx
http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601
http://www.securityfocus.com/archive/1/500417/100/0/threaded
http://www.securityfocus.com/bid/33464
http://www.securitytracker.com/id?1021639
http://www.vupen.com/english/advisories/2009/0270
https://exchange.xforce.ibmcloud.com/vulnerabilities/48261

Related CVE
CVE-2019-7392
An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration.
CVE-2018-19635
CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to escalate privileges in the user interface.
CVE-2018-19634
CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to access survey information.
CVE-2018-13826
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks.
CVE-2018-13825
Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks.
CVE-2018-13824
Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute SQL injection attacks.
CVE-2018-13823
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to access sensitive information.
CVE-2018-13822
Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information.

Copyright 2019, cxsecurity.com

 

Back to Top