CVE-2007-3875
iDEFENSE Security Advisory 2007-07-24.1
Severity Score
6.2
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file.
arclib.dll anterior a 7.3.0.9 en CA Anti-Virus (formalmente eTrust Antivirus) 8 y otros ciertos productos CA permiten a atacantes remotos provocar denegación de servicio (bucles infinitos y perdida de funcionalidad antivirus) a través de un campo"listado previo de un trozo de número" en un cierto archivo CHM.
Remote exploitation of a denial of Service (DoS) vulnerability in Computer Associates Inc.'s eTrust Antivirus products could allow attackers to create a DoS condition on the affected computer. When eTrust Antivirus engine scans a malformed CHM file that has an invalid 'previous listing chunk number' field, the scanner will enter an infinite loop and be unable to process any other files. iDefense has confirmed this vulnerability in eTrust AntiVirus version r8. Previous versions of eTrust Antivirus are suspected vulnerable. Other Computer Associates products, as well as derived products, may also be vulnerable.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-07-18 CVE Reserved
- 2007-07-25 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847 | X_refsource_confirm | |
| http://www.securityfocus.com/archive/1/474601/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/474605/100/100/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/474683/100/0/threaded | Mailing List | |
| http://www.securitytracker.com/id?1018450 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/2639 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/35573 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567 | 2021-04-14 | |
| http://secunia.com/advisories/26155 | 2021-04-14 | |
| http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp | 2021-04-14 | |
| http://www.securityfocus.com/bid/25049 | 2021-04-14 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Broadcom Search vendor "Broadcom" | Anti-spyware Search vendor "Broadcom" for product "Anti-spyware" | 2007 Search vendor "Broadcom" for product "Anti-spyware" and version "2007" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Anti-virus For The Enterprise Search vendor "Broadcom" for product "Anti-virus For The Enterprise" | <= 8 Search vendor "Broadcom" for product "Anti-virus For The Enterprise" and version " <= 8" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Anti-virus For The Enterprise Search vendor "Broadcom" for product "Anti-virus For The Enterprise" | 7.0 Search vendor "Broadcom" for product "Anti-virus For The Enterprise" and version "7.0" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Anti-virus For The Enterprise Search vendor "Broadcom" for product "Anti-virus For The Enterprise" | 7.1 Search vendor "Broadcom" for product "Anti-virus For The Enterprise" and version "7.1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Anti-virus For The Enterprise Search vendor "Broadcom" for product "Anti-virus For The Enterprise" | 8 Search vendor "Broadcom" for product "Anti-virus For The Enterprise" and version "8" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Anti-virus For The Enterprise Search vendor "Broadcom" for product "Anti-virus For The Enterprise" | 8.1 Search vendor "Broadcom" for product "Anti-virus For The Enterprise" and version "8.1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Anti Virus Sdk Search vendor "Broadcom" for product "Anti Virus Sdk" | * | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Antispyware For The Enterprise Search vendor "Broadcom" for product "Antispyware For The Enterprise" | 8 Search vendor "Broadcom" for product "Antispyware For The Enterprise" and version "8" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Antispyware For The Enterprise Search vendor "Broadcom" for product "Antispyware For The Enterprise" | 8.1 Search vendor "Broadcom" for product "Antispyware For The Enterprise" and version "8.1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Antivirus Sdk Search vendor "Broadcom" for product "Antivirus Sdk" | * | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Brightstor Arcserve Backup Search vendor "Broadcom" for product "Brightstor Arcserve Backup" | 9.01 Search vendor "Broadcom" for product "Brightstor Arcserve Backup" and version "9.01" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Brightstor Arcserve Backup Search vendor "Broadcom" for product "Brightstor Arcserve Backup" | 11.1 Search vendor "Broadcom" for product "Brightstor Arcserve Backup" and version "11.1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Brightstor Arcserve Backup Search vendor "Broadcom" for product "Brightstor Arcserve Backup" | 11.5 Search vendor "Broadcom" for product "Brightstor Arcserve Backup" and version "11.5" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Brightstor Arcserve Client Search vendor "Broadcom" for product "Brightstor Arcserve Client" | * | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Brightstor Enterprise Backup Search vendor "Broadcom" for product "Brightstor Enterprise Backup" | 10.5 Search vendor "Broadcom" for product "Brightstor Enterprise Backup" and version "10.5" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Brigthstor Arcserve Client For Windows Search vendor "Broadcom" for product "Brigthstor Arcserve Client For Windows" | * | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Common Services Search vendor "Broadcom" for product "Common Services" | 11 Search vendor "Broadcom" for product "Common Services" and version "11" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Common Services Search vendor "Broadcom" for product "Common Services" | 11.1 Search vendor "Broadcom" for product "Common Services" and version "11.1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Antivirus Search vendor "Broadcom" for product "Etrust Antivirus" | 8 Search vendor "Broadcom" for product "Etrust Antivirus" and version "8" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Antivirus Gateway Search vendor "Broadcom" for product "Etrust Antivirus Gateway" | 7.1 Search vendor "Broadcom" for product "Etrust Antivirus Gateway" and version "7.1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Ez Antivirus Search vendor "Broadcom" for product "Etrust Ez Antivirus" | 6.1 Search vendor "Broadcom" for product "Etrust Ez Antivirus" and version "6.1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Ez Antivirus Search vendor "Broadcom" for product "Etrust Ez Antivirus" | 7 Search vendor "Broadcom" for product "Etrust Ez Antivirus" and version "7" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Ez Armor Search vendor "Broadcom" for product "Etrust Ez Armor" | 1 Search vendor "Broadcom" for product "Etrust Ez Armor" and version "1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Ez Armor Search vendor "Broadcom" for product "Etrust Ez Armor" | 2 Search vendor "Broadcom" for product "Etrust Ez Armor" and version "2" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Ez Armor Search vendor "Broadcom" for product "Etrust Ez Armor" | 3 Search vendor "Broadcom" for product "Etrust Ez Armor" and version "3" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Internet Security Suite Search vendor "Broadcom" for product "Etrust Internet Security Suite" | 1 Search vendor "Broadcom" for product "Etrust Internet Security Suite" and version "1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Internet Security Suite Search vendor "Broadcom" for product "Etrust Internet Security Suite" | 2 Search vendor "Broadcom" for product "Etrust Internet Security Suite" and version "2" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Intrusion Detection Search vendor "Broadcom" for product "Etrust Intrusion Detection" | 2.0 Search vendor "Broadcom" for product "Etrust Intrusion Detection" and version "2.0" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Intrusion Detection Search vendor "Broadcom" for product "Etrust Intrusion Detection" | 3.0 Search vendor "Broadcom" for product "Etrust Intrusion Detection" and version "3.0" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Internet Security Suite Search vendor "Broadcom" for product "Internet Security Suite" | 3.0 Search vendor "Broadcom" for product "Internet Security Suite" and version "3.0" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Secure Content Manager Search vendor "Broadcom" for product "Secure Content Manager" | 1.1 Search vendor "Broadcom" for product "Secure Content Manager" and version "1.1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Secure Content Manager Search vendor "Broadcom" for product "Secure Content Manager" | 8.0 Search vendor "Broadcom" for product "Secure Content Manager" and version "8.0" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Threat Manager Search vendor "Broadcom" for product "Threat Manager" | 8 Search vendor "Broadcom" for product "Threat Manager" and version "8" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Unicenter Network And Systems Management Search vendor "Broadcom" for product "Unicenter Network And Systems Management" | 3.0 Search vendor "Broadcom" for product "Unicenter Network And Systems Management" and version "3.0" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Unicenter Network And Systems Management Search vendor "Broadcom" for product "Unicenter Network And Systems Management" | 3.1 Search vendor "Broadcom" for product "Unicenter Network And Systems Management" and version "3.1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Unicenter Network And Systems Management Search vendor "Broadcom" for product "Unicenter Network And Systems Management" | 11 Search vendor "Broadcom" for product "Unicenter Network And Systems Management" and version "11" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Unicenter Network And Systems Management Search vendor "Broadcom" for product "Unicenter Network And Systems Management" | 11.1 Search vendor "Broadcom" for product "Unicenter Network And Systems Management" and version "11.1" | - |
Affected
| ||||||
| Ca Search vendor "Ca" | Brightstor Arcserve Backup Search vendor "Ca" for product "Brightstor Arcserve Backup" | 11 Search vendor "Ca" for product "Brightstor Arcserve Backup" and version "11" | windows |
Affected
| ||||||
| Ca Search vendor "Ca" | Etrust Intrusion Detection Search vendor "Ca" for product "Etrust Intrusion Detection" | 3.0 Search vendor "Ca" for product "Etrust Intrusion Detection" and version "3.0" | sp1 |
Affected
| ||||||
| Ca Search vendor "Ca" | Protection Suites Search vendor "Ca" for product "Protection Suites" | r2 Search vendor "Ca" for product "Protection Suites" and version "r2" | - |
Affected
| ||||||
| Ca Search vendor "Ca" | Protection Suites Search vendor "Ca" for product "Protection Suites" | r3 Search vendor "Ca" for product "Protection Suites" and version "r3" | - |
Affected
| ||||||