Critical CA Antivirus Flaws Affect Multiple Products


CA, the vendor previously known as Computer Associates, on Tuesday issued an update for a pair of stack-based buffer overflow vulnerabilities in the antivirus engine it ships with many of its products.

In a Tuesday advisory, CA said an attacker could trigger the vulnerabilities by sending a rigged CAB file with an overly long filename to the antivirus engine.

If successful, the attacker would be able to execute malicious code with system-level privileges, or at the very least create a denial-of-service situation by crashing the machine, said CA, Islandia, N.Y.

Versions of the CA antivirus engine prior to 30.6 are vulnerable, CA said.

Affected products include: CA Antivirus for the Enterprise (r8 and r8.1); CA Antivirus 2007 (v8); CA Internet Security Suite 2007 (v3); CA Secure Content Manager 8.0; CA Anti-Virus Gateway 7.1; and BrightStor ARCserve Backup (r11.1).

CA gave the vulnerabilities its highest risk rating of 'high', while Symantec's Deepsight Threat Management System also slapped them with its highest severity rating, 10 out of 10.

The vulnerabilities were reported to CA by an anonymous researcher through TippingPoint's Zero Day Initiative, a controversial program that pays researchers for the security vulnerabilities they uncover.
