CA multiple antiviral products buffer overflow - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

CA multiple antiviral products buffer overflow
updated since 06.06.2007
Published: 11.06.2007
Source: BUGTRAQ
SecurityVulns ID: 7784
Type: remote
Level: 7/10
Description: Buffer overflow on CAB archives parsing.

CVE: CVE-2007-2864 (Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.)
CVE-2007-2863 (Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a long filename in a .CAB file.)

Original document CA, [CAID 35395, 35396]: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities (11.06.2007)

ZDI, [Full-disclosure] ZDI-07-034: CA Multiple Product AV Engine CAB Filename Parsing Stack Overflow Vulnerability (06.06.2007)

ZDI, ZDI-07-035: CA Multiple Product AV Engine CAB Header Parsing Stack Overflow Vulnerability (06.06.2007)

Discuss: Read or add your comments to this news (0 comments)