Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-3587 | 3 Broadcom, Ca, Linux | 33 Anti-virus, Anti-virus For The Enterprise, Anti-virus Sdk and 30 more | 2021-11-15 | 9.3 HIGH | N/A |
Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588. | |||||
CVE-2007-2864 | 2 Broadcom, Ca | 13 Anti-virus For The Enterprise, Brightstor Arcserve Backup, Common Services and 10 more | 2021-04-14 | 9.3 HIGH | N/A |
Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file. | |||||
CVE-2007-3875 | 2 Broadcom, Ca | 23 Anti-spyware, Anti-virus For The Enterprise, Anti Virus Sdk and 20 more | 2021-04-14 | 4.3 MEDIUM | N/A |
arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file. | |||||
CVE-2009-3588 | 4 Broadcom, Ca, Linux and 1 more | 35 Anti-virus, Anti-virus For The Enterprise, Anti-virus Sdk and 32 more | 2021-04-14 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587. | |||||
CVE-2006-6496 | 1 Broadcom | 2 Etrust Antivirus, Internet Security Suite | 2021-04-09 | 6.6 MEDIUM | N/A |
The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus 2007 8.1, Anti-Virus for Vista Beta 8.2, and CA Internet Security Suite 2007 v3.0 do not properly handle NULL buffers, which allows local users with administrative access to cause a denial of service (system crash) via certain IOCTLs. | |||||
CVE-2008-2926 | 2 Broadcom, Ca | 5 Internet Security Suite, Host Based Intrusion Prevention System, Internet Security Suite 2008 and 2 more | 2021-04-09 | 7.2 HIGH | N/A |
The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request. |