CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
99.4%
Stack-based buffer overflow in the inoweb Console Server in CA Anti-Virus for the Enterprise r8, Threat Manager r8, Anti-Spyware for the Enterprise r8, and Protection Suites r3 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.
Vendor | Product | Version | CPE |
---|---|---|---|
broadcom | antispyware_for_the_enterprise | 8.0 | cpe:2.3:a:broadcom:antispyware_for_the_enterprise:8.0:*:*:*:*:*:*:* |
broadcom | etrust_integrated_threat_management | 8.0 | cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.0:*:*:*:*:*:*:* |
broadcom | etrust_pestpatrol | 8.0 | cpe:2.3:a:broadcom:etrust_pestpatrol:8.0:*:*:*:*:*:*:* |
lists.grok.org.uk/pipermail/full-disclosure/2007-May/063275.html
secunia.com/advisories/25202
supportconnectw.ca.com/public/antivirus/infodocs/caav-secnotice050807.asp
www.kb.cert.org/vuls/id/680616
www.osvdb.org/34585
www.securityfocus.com/archive/1/468304/100/0/threaded
www.securityfocus.com/bid/23906
www.securitytracker.com/id?1018043
www.vupen.com/english/advisories/2007/1750
www.zerodayinitiative.com/advisories/ZDI-07-028.html
exchange.xforce.ibmcloud.com/vulnerabilities/34204