|
CA Multiple Products Vet Antivirus Engine Buffer Overflow
|
|
Secunia Advisory:
|
SA15470
|
|
|
Release Date:
|
2005-05-24
|
|
Last Update:
|
2005-05-30
|
|
Popularity:
|
20,885 views
|
|
|
Critical:
|
 Highly critical
|
|
Impact:
|
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | eTrust Antivirus 6.x eTrust Antivirus 7.x eTrust EZ Antivirus 6.x eTrust EZ Antivirus 7.x eTrust EZ Armor 2.x eTrust InoculateIT 6.x for Windows eTrust Intrusion Detection 3.x eTrust Secure Content Manager (SCM)
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| CVE reference: | CVE-2005-1693
|
|
Description: Alex Wheeler has reported a vulnerability in various Computer Associates products, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an integer overflow in the Vet Antivirus Engine (VetE.dll) when analysing OLE streams. This can be exploited to cause a heap-based buffer overflow via e.g. a specially crafted Microsoft Office document.
Successful exploitation allows execution of arbitrary code.
The vulnerability affects the following products:
* CA InoculateIT 6.0 (all platforms, including Notes/Exchange)
* eTrust Antivirus r6.0 (all platforms, including Notes/Exchange)
* eTrust Antivirus r7.0 (all platforms, including Notes/Exchange)
* eTrust Antivirus r7.1 (all platforms, including Notes/Exchange)
* eTrust Antivirus for the Gateway r7.0 (all modules and platforms)
* eTrust Antivirus for the Gateway r7.1 (all modules and platforms)
* eTrust Secure Content Manager (all releases)
* eTrust Intrusion Detection (all releases)
* eTrust EZ Antivirus r6.2 - r7.0.5
* eTrust EZ Armor r1.0 - r2.4.4
* eTrust EZ Armor LE r2.0 - r3.0.0.14
* Vet Antivirus r10.66 and below
Solution: Update to Vet engine 11.9.1 or later.
Provided and/or discovered by: Alex Wheeler
Changelog: 2005-05-26: Added CVE reference.
2005-05-30: Vendor issues new information stating that BrightStor ARCserve Backup products aren't affected.
Original Advisory: Alex Wheeler:
http://www.rem0te.com/public/images/vet.pdf
CA:
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32896
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|