// For flags

CVE-2007-2863

CA Multiple Product AV Engine CAB Filename Parsing Stack Overflow Vulnerability

Severity Score

10.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a long filename in a .CAB file.

Desbordamiento de búfer basado en pila en el motor Anti-Virus antes de contener la actualización 30.6 en múltiples productos CA (antiguamente Computer Associates) permite a atacantes remotos ejecutar código de su elección mediante un nombre de fichero largo en el fichero .CAB.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Computer Associates products.
The specific flaw exists in the parsing of .CAB archives. When a long filename contained in the .CAB is processed by vete.dll an exploitable stack overflow may occur.

*Credits: Anonymous
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-05-24 CVE Reserved
  • 2007-06-05 CVE Published
  • 2024-03-02 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Broadcom
Search vendor "Broadcom"
Anti-virus For The Enterprise
Search vendor "Broadcom" for product "Anti-virus For The Enterprise"
8
Search vendor "Broadcom" for product "Anti-virus For The Enterprise" and version "8"
-
Affected
Broadcom
Search vendor "Broadcom"
Brightstor Arcserve Backup
Search vendor "Broadcom" for product "Brightstor Arcserve Backup"
9.01
Search vendor "Broadcom" for product "Brightstor Arcserve Backup" and version "9.01"
-
Affected
Broadcom
Search vendor "Broadcom"
Brightstor Arcserve Backup
Search vendor "Broadcom" for product "Brightstor Arcserve Backup"
11.1
Search vendor "Broadcom" for product "Brightstor Arcserve Backup" and version "11.1"
-
Affected
Broadcom
Search vendor "Broadcom"
Brightstor Arcserve Backup
Search vendor "Broadcom" for product "Brightstor Arcserve Backup"
11.5
Search vendor "Broadcom" for product "Brightstor Arcserve Backup" and version "11.5"
-
Affected
Broadcom
Search vendor "Broadcom"
Brightstor Enterprise Backup
Search vendor "Broadcom" for product "Brightstor Enterprise Backup"
10.5
Search vendor "Broadcom" for product "Brightstor Enterprise Backup" and version "10.5"
-
Affected
Broadcom
Search vendor "Broadcom"
Common Services
Search vendor "Broadcom" for product "Common Services"
1.0
Search vendor "Broadcom" for product "Common Services" and version "1.0"
-
Affected
Broadcom
Search vendor "Broadcom"
Common Services
Search vendor "Broadcom" for product "Common Services"
1.1
Search vendor "Broadcom" for product "Common Services" and version "1.1"
-
Affected
Broadcom
Search vendor "Broadcom"
Common Services
Search vendor "Broadcom" for product "Common Services"
2.0
Search vendor "Broadcom" for product "Common Services" and version "2.0"
-
Affected
Broadcom
Search vendor "Broadcom"
Common Services
Search vendor "Broadcom" for product "Common Services"
2.1
Search vendor "Broadcom" for product "Common Services" and version "2.1"
-
Affected
Broadcom
Search vendor "Broadcom"
Common Services
Search vendor "Broadcom" for product "Common Services"
2.2
Search vendor "Broadcom" for product "Common Services" and version "2.2"
-
Affected
Broadcom
Search vendor "Broadcom"
Common Services
Search vendor "Broadcom" for product "Common Services"
3.0
Search vendor "Broadcom" for product "Common Services" and version "3.0"
-
Affected
Ca
Search vendor "Ca"
Anti-virus For The Enterprise
Search vendor "Ca" for product "Anti-virus For The Enterprise"
8
Search vendor "Ca" for product "Anti-virus For The Enterprise" and version "8"
enterprise
Affected
Ca
Search vendor "Ca"
Brightstor Arcserve Backup
Search vendor "Ca" for product "Brightstor Arcserve Backup"
11
Search vendor "Ca" for product "Brightstor Arcserve Backup" and version "11"
windows
Affected