Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0042

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2009-0042
Last Modified 07 Mar 2011 10:17:48
Published 27 Jan 2009 08:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-0042

Summary

Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file.

Vulnerable Systems

Application

  • Ca Anti-spyware 2007

  • Ca Anti-spyware 2008

  • Ca Anti-spyware For The Enterprise 8.1

  • Ca Anti-spyware For The Enterprise R8

  • Ca Anti-virus 2007

  • Ca Anti-virus 2008

  • Ca Anti-virus For The Enterprise 7.1

  • Ca Anti-virus For The Enterprise 8.1

  • Ca Anti-virus For The Enterprise R8

  • Ca Anti-virus Sdk

  • Ca Antivirus Gateway 7.1

  • Ca Arcserve Backup R11.1

  • Ca Arcserve Backup R11.5 Nil

  • Ca Arcserve Backup R12.0 Nil

  • Ca Arcserve Client Agent Nil

  • Ca Common Services 11

  • Ca Common Services 11.1

  • Ca Etrust Ez Antivirus R6.1

  • Ca Etrust Ez Antivirus R7

  • Ca Etrust Intrusion Detection 2.0

  • Ca Etrust Intrusion Detection 3.0

  • Ca Etrust Intrusion Detection 4.0

  • Ca Internet Security Suite 2007 3

  • Ca Internet Security Suite 2008

  • Ca Internet Security Suite Plus 2008

  • Ca Network And Systems Management R11

  • Ca Network And Systems Management R11.1

  • Ca Network And Systems Management R3.0

  • Ca Network And Systems Management R3.1

  • Ca Protection Suites R2

  • Ca Protection Suites R3

  • Ca Protection Suites R3.1

  • Ca Secure Content Manager 8.0

  • Ca Secure Content Manager 8.1

  • Ca Threat Manager For The Enterprise 8.1

  • Ca Threat Manager For The Enterprise R8


References

XF - ca-antivirus-engine-security-bypass(48261)

VUPEN - ADV-2009-0270

SECTRACK - 1021639

BID - 33464

BUGTRAQ - 20090127 CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities

CONFIRM - http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601

CONFIRM - http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca20090126-01-ca-anti-virus-engine-detection-evasion-multiple-vulnerabilities.aspx


Last Updated: 27 May 2016 10:50:06