CA Antivirus engine CAB handling buffer overflow

Added: 06/07/2007
CVE: CVE-2007-2864
BID: 24330
OSVDB: 35245

Background

The CA Antivirus engine is included in multiple CA products.

Problem

A buffer overflow vulnerability in the CA Antivirus engine allows command execution when a CAB file containing a specially crafted "coffFiles" field is scanned.

Resolution

Apply content update 30.6 as described in the CA Security Notice.

References

http://www.zerodayinitiative.com/advisories/ZDI-07-035.html

Limitations

Exploit works on CA eTrust Antivirus 8.1.637 and requires a user to download and open the exploit file.

Platforms

Windows

Back to exploit index