Broadcom Internet Security Suite vulnerabilities

6 known vulnerabilities affecting broadcom/internet_security_suite.

Total CVEs

6

CISA KEV

0

Public exploits

1

Exploited in wild

0

Severity breakdown

CRITICAL2HIGH1MEDIUM3

Vulnerabilities

Page 1 of 1

CVE-2009-3587CRITICALCVSS 9.3v3.02009-10-13

CVE-2009-3587 [CRITICAL] CVE-2009-3587: Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly e

CVE-2009-3588MEDIUMCVSS 4.3v3.02009-10-13

CVE-2009-3588 [MEDIUM] CVE-2009-3588: Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RA

CVE-2008-2926HIGHCVSS 7.2v3.02008-08-12

CVE-2008-2926 [HIGH] CWE-20 CVE-2008-2926: The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request.

CVE-2007-3875MEDIUMCVSS 4.3v3.02007-07-26

CVE-2007-3875 [MEDIUM] CVE-2007-3875: arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA produc arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file.

CVE-2007-2864CRITICALCVSS 9.3PoCv1.0v2.0+1 more2007-06-06

CVE-2007-2864 [CRITICAL] CVE-2007-2864: Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (form Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.

CVE-2006-6496MEDIUMCVSS 6.6v3.02006-12-13

CVE-2006-6496 [MEDIUM] CVE-2006-6496: The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus 2007 8.1, Anti-Virus for Vista Be The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus 2007 8.1, Anti-Virus for Vista Beta 8.2, and CA Internet Security Suite 2007 v3.0 do not properly handle NULL buffers, which allows local users with administrative access to cause a denial of service (system crash) via certain IOCTLs.