CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2017-6417
https://notcve.org/view.php?id=CVE-2017-6417
21 Mar 2017 — Code injection vulnerability in Avira Total Security Suite 15.0 (and earlier), Optimization Suite 15.0 (and earlier), Internet Security Suite 15.0 (and earlier), and Free Security Suite 15.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Avira process via a "DoubleAgent" attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary ... • http://cybellum.com/doubleagent-taking-full-control-antivirus • CWE-427: Uncontrolled Search Path Element •
CVSS: 9.3EPSS: 8%CPEs: 52EXPL: 0CVE-2009-3587
https://notcve.org/view.php?id=CVE-2009-3587
13 Oct 2009 — Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588. Vulnerabilidad no espe... • http://osvdb.org/58691 •
CVSS: 7.5EPSS: 1%CPEs: 55EXPL: 0CVE-2009-3588
https://notcve.org/view.php?id=CVE-2009-3588
13 Oct 2009 — Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587. Vulnerabilidad inespecífica en el componente arclib en el... • http://secunia.com/advisories/36976 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2009-0682
https://notcve.org/view.php?id=CVE-2009-0682
19 Aug 2009 — vetmonnt.sys in CA Internet Security Suite r3, vetmonnt.sys before 9.0.0.184 in Internet Security Suite r4, and vetmonnt.sys before 10.0.0.217 in Internet Security Suite r5 do not properly verify IOCTL calls, which allows local users to cause a denial of service (system crash) via a crafted call. vetmonnt.sys en CA Internet Security Suite r3, vetmonnt.sys anteriores a v9.0.0.184 en Internet Security Suite r4, y vetmonnt.sys anteriores a v10.0.0.217 en Internet Security Suite r5 no verifica adecuadamente las... • http://en.securitylab.ru/lab/PT-2009-05 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2008-2926
https://notcve.org/view.php?id=CVE-2008-2926
12 Aug 2008 — The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request. El Controlador kmxfw.sys en el Sistema de prevención de intrusiones basado en Host (Host-Based Intrusion Prevention System) r8 (HIPS-r8), como el utilizado en CA Internet Security Suite and Personal Firewall, no v... • http://secunia.com/advisories/31434 • CWE-20: Improper Input Validation •
CVSS: 6.2EPSS: 2%CPEs: 41EXPL: 0CVE-2007-3875
https://notcve.org/view.php?id=CVE-2007-3875
26 Jul 2007 — arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file. arclib.dll anterior a 7.3.0.9 en CA Anti-Virus (formalmente eTrust Antivirus) 8 y otros ciertos productos CA permiten a atacantes remotos provocar denegación de servicio (bucles infinitos y perdida de funcionalidad antivirus) a través d... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567 •
CVSS: 9.8EPSS: 81%CPEs: 33EXPL: 1CVE-2007-2864 – CA Multiple Product AV Engine CAB Header Parsing Stack Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-2864
05 Jun 2007 — Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file. Desbordamiento de búfer basado en pila en el motor antivirus anterior a la actualización de contenido 30.6 de múltiples productos CA (antiguamente Computer Associates) permite a atacantes remotos ejecutar código de su elección mediante un valor largo no válido d... • https://www.exploit-db.com/exploits/16677 •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2006-6496
https://notcve.org/view.php?id=CVE-2006-6496
13 Dec 2006 — The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus 2007 8.1, Anti-Virus for Vista Beta 8.2, and CA Internet Security Suite 2007 v3.0 do not properly handle NULL buffers, which allows local users with administrative access to cause a denial of service (system crash) via certain IOCTLs. Los controladores de dispositivo (1) VetMONNT.sys y (2) VetFDDNT.sys de CA Anti-Virus 2007 8.1, Anti-Virus para Vista Beta 8.2 y CA Internet Security Suite 2007 v3.0 no gestionan apropiadamente búferes Null, lo... • http://crm.my-etrust.com/CIDocument.asp?KDId=2651&GUID=9FD7E4F8362C4A168D88B4FFA34DCB4C •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2005-3377
https://notcve.org/view.php?id=CVE-2005-3377
29 Oct 2005 — Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and (2) McAfee Corporate 8.0.0 patch 10 with the 4400 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" pro... • http://marc.info/?l=bugtraq&m=113026417802703&w=2 •