CVE-2007-2863
CA Multiple Product AV Engine CAB Filename Parsing Stack Overflow Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a long filename in a .CAB file.
Desbordamiento de búfer basado en pila en el motor Anti-Virus antes de contener la actualización 30.6 en múltiples productos CA (antiguamente Computer Associates) permite a atacantes remotos ejecutar código de su elección mediante un nombre de fichero largo en el fichero .CAB.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Computer Associates products.
The specific flaw exists in the parsing of .CAB archives. When a long filename contained in the .CAB is processed by vete.dll an exploitable stack overflow may occur.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-05-24 CVE Reserved
- 2007-06-05 CVE Published
- 2024-03-02 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (12)
URL | Tag | Source |
---|---|---|
http://securityreason.com/securityalert/2790 | Third Party Advisory | |
http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp | X_refsource_confirm | |
http://www.kb.cert.org/vuls/id/739409 | Third Party Advisory | |
http://www.osvdb.org/35244 | Vdb Entry | |
http://www.securityfocus.com/archive/1/470601/100/0/threaded | Mailing List | |
http://www.securityfocus.com/archive/1/470754/100/0/threaded | Mailing List | |
http://www.securitytracker.com/id?1018199 | Vdb Entry | |
http://www.vupen.com/english/advisories/2007/2072 | Vdb Entry | |
http://www.zerodayinitiative.com/advisories/ZDI-07-034.html | X_refsource_misc | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/34741 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/25570 | 2021-04-08 | |
http://www.securityfocus.com/bid/24331 | 2021-04-08 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Broadcom Search vendor "Broadcom" | Anti-virus For The Enterprise Search vendor "Broadcom" for product "Anti-virus For The Enterprise" | 8 Search vendor "Broadcom" for product "Anti-virus For The Enterprise" and version "8" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Brightstor Arcserve Backup Search vendor "Broadcom" for product "Brightstor Arcserve Backup" | 9.01 Search vendor "Broadcom" for product "Brightstor Arcserve Backup" and version "9.01" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Brightstor Arcserve Backup Search vendor "Broadcom" for product "Brightstor Arcserve Backup" | 11.1 Search vendor "Broadcom" for product "Brightstor Arcserve Backup" and version "11.1" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Brightstor Arcserve Backup Search vendor "Broadcom" for product "Brightstor Arcserve Backup" | 11.5 Search vendor "Broadcom" for product "Brightstor Arcserve Backup" and version "11.5" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Brightstor Enterprise Backup Search vendor "Broadcom" for product "Brightstor Enterprise Backup" | 10.5 Search vendor "Broadcom" for product "Brightstor Enterprise Backup" and version "10.5" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Common Services Search vendor "Broadcom" for product "Common Services" | 1.0 Search vendor "Broadcom" for product "Common Services" and version "1.0" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Common Services Search vendor "Broadcom" for product "Common Services" | 1.1 Search vendor "Broadcom" for product "Common Services" and version "1.1" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Common Services Search vendor "Broadcom" for product "Common Services" | 2.0 Search vendor "Broadcom" for product "Common Services" and version "2.0" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Common Services Search vendor "Broadcom" for product "Common Services" | 2.1 Search vendor "Broadcom" for product "Common Services" and version "2.1" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Common Services Search vendor "Broadcom" for product "Common Services" | 2.2 Search vendor "Broadcom" for product "Common Services" and version "2.2" | - |
Affected
| ||||||
Broadcom Search vendor "Broadcom" | Common Services Search vendor "Broadcom" for product "Common Services" | 3.0 Search vendor "Broadcom" for product "Common Services" and version "3.0" | - |
Affected
| ||||||
Ca Search vendor "Ca" | Anti-virus For The Enterprise Search vendor "Ca" for product "Anti-virus For The Enterprise" | 8 Search vendor "Ca" for product "Anti-virus For The Enterprise" and version "8" | enterprise |
Affected
| ||||||
Ca Search vendor "Ca" | Brightstor Arcserve Backup Search vendor "Ca" for product "Brightstor Arcserve Backup" | 11 Search vendor "Ca" for product "Brightstor Arcserve Backup" and version "11" | windows |
Affected
|