CVE-2009-3587

3 documents3 sources

Severity

9.3CRITICAL

EPSS

7.4%

top 8.27%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom Anti-virus Broadcom Anti-virus FOR THE Enterprise Broadcom Common Services +21 more

Timeline

PublishedOct 13

Latest updateMay 2

Description

Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages22 packages

▶NVDca/etrust_ez_antivirusr7.1

▶NVDbroadcom/etrust_antivirus7.1, 8, 8.1+2

▶NVDca/etrust_anti-virus_gateway7.1

▶NVDca/anti-virus_plus2009

▶NVDca/anti-virus2009, r8.1+1

Patches

Patch: support.ca.com ↗Patch: support.ca.com ↗

🔴Vulnerability Details

GHSA

GHSA-q64c-hf5x-986j: Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7↗2022-05-02

▶

CVEList

CVE-2009-3587: Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7↗2009-10-13

▶