Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiAnonymousZDI-07-034
HistoryJun 05, 2007 - 12:00 a.m.

CA Multiple Product AV Engine CAB Filename Parsing Stack Overflow Vulnerability

2007-06-0500:00:00
Anonymous
www.zerodayinitiative.com
14

0.213 Low

EPSS

Percentile

96.5%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Computer Associates products. The specific flaw exists in the parsing of .CAB archives. When a long filename contained in the .CAB is processed by vete.dll an exploitable stack overflow may occur.

Related

cert 1
securityvulns 3
prion 1
nvd 1
cvelist 1
cve 1
checkpoint_security 1
cert
cert
Computer Associates Anti-Virus engine fails to properly handle long file names in CAB archives
2007-06-06 00:00:00
securityvulns
securityvulns
[Full-disclosure] ZDI-07-034: CA Multiple Product AV Engine CAB Filename Parsing Stack Overflow Vulnerability
2007-06-06 00:00:00
CA multiple antiviral products buffer overflow
2007-06-11 00:00:00
[CAID 35395, 35396]: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities
2007-06-11 00:00:00
prion
prion
Stack overflow
2007-06-06 21:30:00
nvd
nvd
CVE-2007-2863
2007-06-06 21:30:00
cvelist
cvelist
CVE-2007-2863
2007-06-06 21:00:00
cve
cve
CVE-2007-2863
2007-06-06 21:30:00
checkpoint_security
checkpoint_security
CA Products Anti-Virus Engine CAB File Handling Vulnerabilities (CVE-2007-2863, CVE-2007-2864)
2007-06-09 21:00:00

0.213 Low

EPSS

Percentile

96.5%

JSON
Related for ZDI-07-034
cert1securityvulns3prion1nvd1cvelist1cve1checkpoint_security1