---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: CA Multiple Products Vet Antivirus Engine Buffer Overflow SECUNIA ADVISORY ID: SA15470 VERIFY ADVISORY: http://secunia.com/advisories/15470/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: BrightStor ARCserve Backup 11.x (for Windows) http://secunia.com/product/3099/ eTrust Antivirus 6.x http://secunia.com/product/4088/ eTrust Antivirus 7.x http://secunia.com/product/2198/ eTrust EZ Antivirus 6.x http://secunia.com/product/4091/ eTrust EZ Antivirus 7.x http://secunia.com/product/4338/ eTrust EZ Armor 2.x http://secunia.com/product/4092/ eTrust InoculateIT 6.x for Windows http://secunia.com/product/70/ eTrust Intrusion Detection 3.x http://secunia.com/product/3390/ eTrust Secure Content Manager (SCM) http://secunia.com/product/3391/ DESCRIPTION: Alex Wheeler has reported a vulnerability in various Computer Associates products, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an integer overflow in the Vet Antivirus Engine (VetE.dll) when analysing OLE streams. This can be exploited to cause a heap-based buffer overflow via e.g. a specially crafted Microsoft Office document. Successful exploitation allows execution of arbitrary code. The vulnerability affects the following products: * CA InoculateIT 6.0 (all platforms, including Notes/Exchange) * eTrust Antivirus r6.0 (all platforms, including Notes/Exchange) * eTrust Antivirus r7.0 (all platforms, including Notes/Exchange) * eTrust Antivirus r7.1 (all platforms, including Notes/Exchange) * eTrust Antivirus for the Gateway r7.0 (all modules and platforms) * eTrust Antivirus for the Gateway r7.1 (all modules and platforms) * eTrust Secure Content Manager (all releases) * eTrust Intrusion Detection (all releases) * BrightStor ARCserve Backup (BAB) r11.1 Windows * eTrust EZ Antivirus r6.2 - r7.0.5 * eTrust EZ Armor r1.0 - r2.4.4 * eTrust EZ Armor LE r2.0 - r3.0.0.14 * Vet Antivirus r10.66 and below SOLUTION: Update to Vet engine 11.9.1 or later. PROVIDED AND/OR DISCOVERED BY: Alex Wheeler ORIGINAL ADVISORY: Alex Wheeler: http://www.rem0te.com/public/images/vet.pdf CA: http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32896 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------