CVE-2009-3588

Description

Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587.

Affected products

• Broadcom / anti-virus2007 – 2007
• Broadcom / anti-virus2008 – 2008
• Broadcom / anti-virus_for_the_enterprise7.1 – 7.1
• Broadcom / anti-virus_for_the_enterpriser8 – r8
• Broadcom / anti-virus_sdk
• Broadcom / arcserve_backupr12.0 – r12.0
• Broadcom / arcserve_backupr12.0 – r12.0
• Broadcom / common_services11.1 – 11.1
• Broadcom / common_services11 – 11
• Broadcom / etrust_antivirus8.1 – 8.1
• Broadcom / etrust_antivirus7.1 – 7.1
• Broadcom / etrust_antivirus8 – 8
• Broadcom / etrust_integrated_threat_management8.1 – 8.1
• Broadcom / etrust_intrusion_detection3.0 – 3.0
• Broadcom / etrust_secure_content_manager1.1 – 1.1
• Broadcom / internet_security_suite
• Broadcom / internet_security_suite3.0 – 3.0
• Broadcom / network_and_systems_managementr11 – r11
• Broadcom / network_and_systems_managementr11.1 – r11.1
• Broadcom / network_and_systems_managementr3.0 – r3.0
• Broadcom / network_and_systems_managementr3.1 – r3.1
• Broadcom / secure_content_manager1.1 – 1.1
• Broadcom / secure_content_manager8.0 – 8.0
• Broadcom / unicenter_network_and_systems_management11 – 11
• Broadcom / unicenter_network_and_systems_management3.0 – 3.0
• Broadcom / unicenter_network_and_systems_management11.1 – 11.1
• Broadcom / unicenter_network_and_systems_management3.1 – 3.1
• ca / anti-virus2009 – 2009
• ca / anti-virus_for_the_enterpriser8.1 – r8.1
• ca / anti-virus_gateway7.1 – 7.1
• ca / anti-virus_plus2009 – 2009
• ca / arcserve_backupr11.1 – r11.1
• ca / arcserve_backupr11.5 – r11.5
• ca / arcserve_for_windows_client_agent
• ca / arcserve_for_windows_server_component
• ca / common_services3.1 – 3.1
• ca / etrust_anti-virus_gateway7.1 – 7.1
• ca / etrust_anti-virus_sdk
• ca / etrust_ez_antivirusr7.1 – r7.1
• ca / etrust_intrusion_detection2.0 – 2.0
• ca / etrust_intrusion_detection3.0 – 3.0
• ca / etrust_secure_content_manager8.0 – 8.0
• ca / gateway_securityr8.1 – r8.1
• ca / internet_security_suite_2008
• ca / internet_security_suite_plus_2008
• ca / internet_security_suite_plus_2009
• ca / protection_suitesr3 – r3
• ca / protection_suitesr3.1 – r3.1
• ca / protection_suitesr2 – r2
• ca / threat_manager8.1 – 8.1
• ca / threat_managerr8 – r8
• ca / threat_manager_total_defense

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/53698
• MISChttp://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878
• VENDOR_ADVISORYhttp://secunia.com/advisories/36976
• MISChttp://www.securitytracker.com/id?1022999
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2009/2852
• MISChttp://www.securityfocus.com/archive/1/507068/100/0/threaded
• MISChttp://www.securityfocus.com/bid/36653