Lucene search

MitreCVE-2007-2864

HistoryJun 06, 2007 - 9:30 p.m.

CVE-2007-2864

2007-06-0621:30:00

mitre

web.nvd.nist.gov

cve-2007-2864

buffer overflow

anti-virus engine

ca products

remote code execution

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.941

Percentile

99.2%

JSON

Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.

Affected configurations

Nvd

Node

broadcomanti-virus_for_the_enterpriseMatch8

broadcombrightstor_arcserve_backupMatch9.01

broadcombrightstor_arcserve_backupMatch10.5

broadcombrightstor_arcserve_backupMatch11

broadcombrightstor_arcserve_backupMatch11.1

broadcombrightstor_arcserve_backupMatch11.5

broadcomcommon_servicesMatch1.0

broadcomcommon_servicesMatch1.1

broadcomcommon_servicesMatch2.0

broadcomcommon_servicesMatch2.1

broadcomcommon_servicesMatch2.2

broadcomcommon_servicesMatch3.0

broadcometrust_antivirusMatch8.0

broadcometrust_antivirusMatch8.1

broadcometrust_antivirus_gatewayMatch7.1

broadcometrust_antivirus_sdk

broadcometrust_ez_antivirusMatch6.1

broadcometrust_ez_antivirusMatch7.0

broadcometrust_ez_armorMatch1.0

broadcometrust_ez_armorMatch2.0

broadcometrust_ez_armorMatch3.0

broadcometrust_ez_armorMatch3.1

broadcomintegrated_threat_managementMatch8.0

broadcominternet_security_suiteMatch1.0

broadcominternet_security_suiteMatch2.0

broadcominternet_security_suiteMatch3.0

broadcomunicenter_network_and_systems_managementMatch3.0

broadcomunicenter_network_and_systems_managementMatch3.1

broadcomunicenter_network_and_systems_managementMatch11

broadcomunicenter_network_and_systems_managementMatch11.1

caetrust_secure_content_managerMatch8.0

caprotection_suitesMatchr2

caprotection_suitesMatchr3

VendorProductVersionCPE
broadcomanti-virus_for_the_enterprise8cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup9.01cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup10.5cpe:2.3:a:broadcom:brightstor_arcserve_backup:10.5:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup11cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup11.1cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup11.5cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
broadcomcommon_services1.0cpe:2.3:a:broadcom:common_services:1.0:*:*:*:*:*:*:*
broadcomcommon_services1.1cpe:2.3:a:broadcom:common_services:1.1:*:*:*:*:*:*:*
broadcomcommon_services2.0cpe:2.3:a:broadcom:common_services:2.0:*:*:*:*:*:*:*
broadcomcommon_services2.1cpe:2.3:a:broadcom:common_services:2.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
broadcom	anti-virus_for_the_enterprise	8	cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8:::::::*
broadcom	brightstor_arcserve_backup	9.01	cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:::::::*
broadcom	brightstor_arcserve_backup	10.5	cpe:2.3:a:broadcom:brightstor_arcserve_backup:10.5:::::::*
broadcom	brightstor_arcserve_backup	11	cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:::::::*
broadcom	brightstor_arcserve_backup	11.1	cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:::::::*
broadcom	brightstor_arcserve_backup	11.5	cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:::::::*
broadcom	common_services	1.0	cpe:2.3:a:broadcom:common_services:1.0:::::::*
broadcom	common_services	1.1	cpe:2.3:a:broadcom:common_services:1.1:::::::*
broadcom	common_services	2.0	cpe:2.3:a:broadcom:common_services:2.0:::::::*
broadcom	common_services	2.1	cpe:2.3:a:broadcom:common_services:2.1:::::::*