CVE-2009-0042
published 2009-01-28CVE-2009-0042: Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1…
PriorityP341critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
4.27%
89.8th percentile
Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file.
Affected
33 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| broadcom | anti-spyware | — | — |
| broadcom | anti-spyware | — | — |
| broadcom | anti-spyware_for_the_enterprise | — | — |
| broadcom | anti-spyware_for_the_enterprise | — | — |
| broadcom | anti-virus | — | — |
| broadcom | anti-virus | — | — |
| broadcom | anti-virus_for_the_enterprise | — | — |
| broadcom | anti-virus_for_the_enterprise | — | — |
| broadcom | anti-virus_for_the_enterprise | — | — |
| broadcom | antivirus_gateway | — | — |
| broadcom | common_services | — | — |
| broadcom | common_services | — | — |
| broadcom | etrust_ez_antivirus | — | — |
| broadcom | etrust_ez_antivirus | — | — |
| broadcom | etrust_intrusion_detection | — | — |
| broadcom | etrust_intrusion_detection | — | — |
| broadcom | network_and_systems_management | — | — |
| broadcom | network_and_systems_management | — | — |
| broadcom | network_and_systems_management | — | — |
| broadcom | network_and_systems_management | — | — |
| broadcom | secure_content_manager | — | — |
| broadcom | secure_content_manager | — | — |
| ca | arcserve_backup | — | — |
| ca | arcserve_backup | — | — |
| ca | arcserve_backup | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca20090126-01-ca-anti-virus-engine-detection-evasion-multiple-vulnerabilities.aspxhttp://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601http://www.securityfocus.com/archive/1/500417/100/0/threadedhttp://www.securityfocus.com/bid/33464http://www.securitytracker.com/id?1021639http://www.vupen.com/english/advisories/2009/0270https://exchange.xforce.ibmcloud.com/vulnerabilities/48261http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca20090126-01-ca-anti-virus-engine-detection-evasion-multiple-vulnerabilities.aspxhttp://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601http://www.securityfocus.com/archive/1/500417/100/0/threadedhttp://www.securityfocus.com/bid/33464http://www.securitytracker.com/id?1021639http://www.vupen.com/english/advisories/2009/0270https://exchange.xforce.ibmcloud.com/vulnerabilities/48261
2009-01-28
Published