Vulnerability Note VU#105105
Computer Associates Anti-Virus engine fails to properly handle malformed CAB archives
The Computer Associates Anti-Virus engine contains a stack-based buffer overflow that may allow a remote, unauthenticated attacker to execute arbitrary code.
The Computer Associates Anti-Virus engine contains a stack-based buffer overflow in the code responsible for processing CAB archives. Specifically, the Computer Associates Anti-Virus engine fails to properly validate the size of the coffFiles field in CAB archives before it is copied to a stack buffer. This may allow a stack-based buffer overflow to occur.
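The following added example (not code from the vendor or from this note) shows how a CAB parser can treat `coffFiles` and the other header fields as untrusted before anything uses them as an offset or length. The field offsets follow the publicly documented CFHEADER layout; the function names, status codes and sample values are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CFHEADER_SIZE 36u /* fixed part of the public CFHEADER layout */
#define CFFILE_MIN    17u /* 16 fixed CFFILE bytes plus a NUL-terminated name */

enum cab_status { CAB_OK, CAB_TRUNCATED, CAB_BAD_MAGIC, CAB_BAD_SIZE, CAB_BAD_OFFSET };

static uint32_t rd32(const uint8_t *p) { /* little-endian, alignment-safe */
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Check the header of a cabinet held in buf[0..len). Hypothetical helper. */
enum cab_status cab_check_header(const uint8_t *buf, size_t len, uint32_t *files_off) {
    if (len < CFHEADER_SIZE) return CAB_TRUNCATED;
    if (memcmp(buf, "MSCF", 4) != 0) return CAB_BAD_MAGIC;
    uint32_t cbCabinet = rd32(buf + 8);   /* declared cabinet size */
    uint32_t coffFiles = rd32(buf + 16);  /* offset of first CFFILE entry */
    uint32_t cFiles = buf[28] | (uint32_t)buf[29] << 8;
    /* The declared size must fit inside the bytes actually received. */
    if (cbCabinet < CFHEADER_SIZE || cbCabinet > len) return CAB_BAD_SIZE;
    /* coffFiles must land after the header and inside the cabinet... */
    if (coffFiles < CFHEADER_SIZE || coffFiles > cbCabinet) return CAB_BAD_OFFSET;
    /* ...and leave room for cFiles minimal entries (no overflow: max 65535*17). */
    if (cFiles * CFFILE_MIN > cbCabinet - coffFiles) return CAB_BAD_OFFSET;
    *files_off = coffFiles;
    return CAB_OK;
}

/* Build a constructed sample header (not a real cabinet) for the checks. */
void cab_sample(uint8_t buf[64], uint32_t cbCabinet, uint32_t coffFiles, uint8_t cFiles) {
    memset(buf, 0, 64);
    memcpy(buf, "MSCF", 4);
    for (int i = 0; i < 4; i++) {
        buf[8 + i] = (uint8_t)(cbCabinet >> (8 * i));
        buf[16 + i] = (uint8_t)(coffFiles >> (8 * i));
    }
    buf[28] = cFiles;
}

int main(void) {
    uint8_t buf[64];
    uint32_t off = 0;
    cab_sample(buf, 64, 0xFFFFFF00u, 1);  /* offset far outside the file */
    printf("hostile offset -> %d\n", cab_check_header(buf, sizeof buf, &off));
    cab_sample(buf, 64, 40, 1);           /* 24 bytes left for one entry */
    printf("sane offset    -> %d (off=%u)\n", cab_check_header(buf, sizeof buf, &off), off);
    return 0;
}
```

Any later copy into a fixed-size buffer should be bounded by the destination size as well, since a valid offset says nothing about the length of the data found there.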
This vulnerability affects numerous Computer Associates products, including:
A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial-of-service condition.
Apply an Update
According to the Computer Associates Security Notice issued June 5th, 2007:
Systems Affected
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Computer Associates | Affected | - | 06 Jun 2007 |
CVSS Metrics
This vulnerability was reported by in Tipping Point advisory ZDI-07-035.
This document was written by Jeff Gennari.
- CVE IDs: CVE-2007-2864
- Date Public: 05 Jun 2007
- Date First Published: 06 Jun 2007
- Date Last Updated: 06 Jun 2007
- Severity Metric: 15.19
- Document Revision: 12
If you have feedback, comments, or additional information about this vulnerability, please send us email.