Computer Associates AntiVirus DoS
Published:		25.07.2007
Source:		BUGTRAQ
SecurityVulns ID:		7975
Type:		remote
Level:		5/10
Description:		Buffer overflow on CHM and RAR files parsing.

Affected:		CA : eTrust Antivirus 8
CVE:		CVE-2007-3875 (arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file.)
		CVE-2006-5645 (Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero.)
		CVE-2006-5645 (Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero.)

Original document		security_(at)_nruns.com, [Full-disclosure] n.runs-SA-2007.024 - CA eTrust Antivirus Infinite Loop DoS (remote) Advisory (25.07.2007)
		CA, [Full-disclosure] [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities (25.07.2007)
		IDEFENSE, iDefense Security Advisory 07.24.07: Computer Associates AntiVirus CHM File Handling DoS Vulnerability (25.07.2007)

Discuss:

Read or add your comments to this news (0 comments)