CAB handling issue affects swathe of products.
Two flaws related to the handling of CAB archive files by the
CA
anti-virus engine have been reported, rendering products across
CA
‘s range vulnerable exploitation allowing remote access to affected systems.
One flaw is a buffer overflow caused by excessively long filenames within CAB archives, while the second overflow relates to an error with input validation. The vulnerabilities affect products including
CA Anti-Virus
,
CA eTrust
,
Brightstor
and
Unicenter
, among others, and malicious exploitation of either issue could result in system compromise.
Both flaws were reported to
CA
several months ago, and updates have been released to fix the problems. Users are advised to ensure they are running products with the signature version 30.6 or higher, and to maintain a thorough policy of updating security products at all times.
The flaws were reported via
TippingPoint
‘s controversial
Zero Day Initiative
project, which carries details
here
and
here
, while
CA
‘s announcement is
here
. A summary from
Secunia
, rated ‘Highly Critical’, is
here
.
Posted on 06 June 2007 by
Virus Bulletin
Leave a Reply