Critical CA Antivirus Flaws Affect Multiple Products
In a Tuesday advisory, CA said an attacker could trigger the vulnerabilities by sending a rigged CAB file with an overly long filename to the antivirus engine.
If successful, the attacker would be able to execute malicious code with system-level privileges, or at the very least create a denial-of-service condition by crashing the machine, said CA, Islandia, N.Y.
Versions of the CA antivirus engine prior to 30.6 are vulnerable, CA said.
Affected products include CA Antivirus for the Enterprise (r8 and r8.1); CA Antivirus 2007 (v8); CA Internet Security Suite 2007 (v3); CA Secure Content Manager 8.0; CA Anti-Virus Gateway 7.1; and BrightStor ARCserve Backup (r11.1).
CA gave the vulnerabilities its highest risk rating of "high," while Symantec's Deepsight Threat Management System also slapped them with its highest severity rating, 10 out of 10.
The vulnerabilities were reported to CA by an anonymous researcher through TippingPoint's Zero Day Initiative, a controversial program that pays researchers for the security vulnerabilities they uncover.