---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: CA Anti-Virus Engine RAR Processing Two Vulnerabilities SECUNIA ADVISORY ID: SA36976 VERIFY ADVISORY: http://secunia.com/advisories/36976/ DESCRIPTION: Two vulnerabilities have been reported in multiple CA products, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system. 1) An error in the arclib component of the CA Anti-Virus engine can be exploited to corrupt heap memory via a specially crafted RAR archive. Successful exploitation may allow execution of arbitrary code. 2) An error in the arclib component of the CA Anti-Virus engine can be exploited to corrupt stack memory via a specially crafted RAR archive and cause a crash. The vulnerabilities are reported in the following products and versions: * CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1, r8, and r8.1 * CA Anti-Virus 2007 (v8), 2008, and 2009 * CA Anti-Virus Plus 2009 * eTrust EZ Antivirus r7.1 * CA Internet Security Suite 2007 (v3) and 2008 * CA Internet Security Suite Plus 2008 and 2009 * CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8 and 8.1 * CA Threat Manager Total Defense * CA Gateway Security r8.1 * CA Protection Suites r2, r3, and r3.1 * CA Secure Content Manager (formerly eTrust Secure Content Manager) 1.1 and 8.0 * CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.0, r3.1, r11, and r11.1 * CA ARCserve Backup r11.5 on Windows, r12 on Windows, r12.0 SP1 on Windows, r12.0 SP 2 on Windows, r12.5 on Windows, r11.1 Linux, and r11.5 Linux * CA ARCserve for Windows Client Agent * CA ARCserve for Windows Server component * CA eTrust Intrusion Detection 2.0 SP1, 3.0, and 3.0 SP1 * CA Common Services (CCS) r3.1, r11, and r11.1 * CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK) * CA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1 SOLUTION: The vulnerability is fixed in arclib.dll version 8.1.4.0, released via automatic updates. Please see the vendor's advisory for detailed instructions on applying patches. PROVIDED AND/OR DISCOVERED BY: The vendor credits Thierry Zoller. ORIGINAL ADVISORY: CA20091008-01: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------