8 results (0.006 seconds)

CVSS: 4.3EPSS: 97%CPEs: 14EXPL: 0

The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware 5.1.0.1, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Rising Antivirus 22.83.00.03, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via a CAB file with a modified coffFiles field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations. El analizador de archivos CAB en Dr.Web v5.0.2.03300, Trend Micro HouseCall v9.120.0.1004, Kaspersky Anti-Virus v7.0.0.125, Sophos Anti-Virus v4.61.0, Trend Micro AntiVirus v9.120.0.1004, McAfee Gateway (anteriormente Webwasher) v2010.1C , a-squared Anti-Malware v5.1.0.1, CA eTrust Antivirus Vet v36.1.8511, Laboratorios Antiy AVL SDK v2.0.3.7, Antimalware Engine v1.1.6402.0 en el Microsoft Security Essentials v2.0, Rising Antivirus 22.83.00.03, Ikarus Virus Utilities T3 Command Line Scanner v1.1.97.0, Fortinet Antivirus 4.2.254.0, y Panda Antivirus 10.0.2.7 permite a atacantes remotos evitar la detección de malware a través de un archivo CAB con un campo coffFiles modificado. NOTA: esto más adelante se puede dividir en varios CVEs si la información adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador CAB. • http://osvdb.org/80482 http://osvdb.org/80483 http://osvdb.org/80484 http://osvdb.org/80485 http://osvdb.org/80486 http://osvdb.org/80487 http://osvdb.org/80488 http://osvdb.org/80489 http://www.ieee-security.org/TC/SP2012/program.html http://www.securityfocus.com/archive/1/522005 http://www.securityfocus.com/bid/52621 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 21%CPEs: 2EXPL: 0

Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Security 8.1 before 8.1.0.69 and CA Total Defense r12, does not properly parse URLs, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and daemon crash) via a malformed request. Icihttp.exe en CA Gateway Security para HTTP, como se usa en CA Gateway Security v8.1 antes de v8.1.0.69 y CA Total Defense r12, no analiza correctamente las direcciones URL, lo que permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria dinámica y caída del demonio) a través de una solicitud mal formada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Total Defense Suite r12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Icihttp.exe module (CA Gateway Security for HTTP), which responds to incoming HTTP requests on port 8080. Due to a flawed copy-loop algorithm in the URL parsing routine, it is possible for a remote unauthenticated user to cause an exploitable heap corruption condition. • http://secunia.com/advisories/45332 http://securityreason.com/securityalert/8316 http://securitytracker.com/id?1025812 http://securitytracker.com/id?1025813 http://www.securityfocus.com/archive/1/518934/100/0/threaded http://www.securityfocus.com/archive/1/518935/100/0/threaded http://www.securityfocus.com/bid/48813 http://www.zerodayinitiative.com/advisories/ZDI-11-237 https://exchange.xforce.ibmcloud.com/vulnerabilities/68736 https://support.ca.com/irj/portal/anonymous/phpsupcontent?conten • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 9%CPEs: 2EXPL: 0

The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted request to port 1882, involving an incorrect integer calculation and a heap-based buffer overflow. El componente eCS (ECSQdmn.exe) en CA ETrust Secure Content Manager versión 8.0 y CA Gateway Security versión 8.1, permite a los atacantes remotos causar una denegación de servicio (bloqueo) y ejecutar código arbitrario por medio de una petición especialmente diseñada hacia el puerto 1882, que implica un cálculo de enteros incorrecto y un desbordamiento de búfer en la región heap de la memoria. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates eTrust Secure Content Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the eTrust Common Services Transport (ECSQdmn.exe) running on port 1882. When making a request to this service a user supplied DWORD value is used in a memory copy operation. • http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ca http://osvdb.org/70840 http://secunia.com/advisories/43200 http://securityreason.com/securityalert/8075 http://www.securityfocus.com/archive/1/516277/100/0/threaded http://www.securityfocus.com/bid/46253 http://www.securitytracker.com/id?1025052 http://www.vupen.com/english/advisories/2011/0306 http://www.zerodayinitiative.com/advisories/ZDI-11-059 https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID= • CWE-189: Numeric Errors •

CVSS: 9.3EPSS: 23%CPEs: 52EXPL: 0

Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588. Vulnerabilidad no especificada en el componente arclib en el motor Anti-Virus en CA Anti-Virus para Enterprise (formalmente eTrust Antivirus) v7.1 hasta v8.1; Anti-Virus 2007 (v8) hasta 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) hasta Plus 2009; y otros productos CA permite a atacantes remotos causar una denegación de servicio y ejecutar probablemente código de su elección a través del archivo RAR manipulado que provoca una corrupción de la memoria dinámica, una vulnerabilidad diferente que CVE-2009-3588. • http://osvdb.org/58691 http://secunia.com/advisories/36976 http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878 http://www.securityfocus.com/archive/1/507068/100/0/threaded http://www.securityfocus.com/bid/36653 http://www.securitytracker.com/id?1022999 http://www.vupen.com/english/advisories/2009/2852 https://exchange.xforce.ibmcloud.com/vulnerabilities/53697 •

CVSS: 4.3EPSS: 8%CPEs: 55EXPL: 0

Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587. Vulnerabilidad inespecífica en el componente arclib en el motor antivirus en CA Anti-Virus para empresas (anteriormente eTrust Antivirus) desde v7.1 hasta r8.1; Anti-Virus desde 2007 (v8) hasta 2009; eTrust EZ Antivirus r7.1; Internet Security Suite desde 2007 (v3) hasta Plus 2009; y otros productos de CA permite a atacantes remotos producir una denegación de servicio a través de un archivo RAR manipulado que inicia la corrupción de la pila, una vulnerabilidad diferente que CVE-2009-3587. • http://secunia.com/advisories/36976 http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878 http://www.securityfocus.com/archive/1/507068/100/0/threaded http://www.securityfocus.com/bid/36653 http://www.securitytracker.com/id?1022999 http://www.vupen.com/english/advisories/2009/2852 https://exchange.xforce.ibmcloud.com/vulnerabilities/53698 •