OpenCVE

Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a long filename in a .CAB file.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Broadcom	Anti-virus For The Enterprise Brightstor Arcserve Backup Brightstor Enterprise Backup Common Services
Ca	Anti-virus For The Enterprise Brightstor Arcserve Backup

Configuration 1 [-]

OR	cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8:::::::*
	cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:::::::*
	cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:::::::*
	cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:::::::*
	cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:::::::*
	cpe:2.3:a:broadcom:common_services:1.0:::::::*
	cpe:2.3:a:broadcom:common_services:1.1:::::::*
	cpe:2.3:a:broadcom:common_services:2.0:::::::*
	cpe:2.3:a:broadcom:common_services:2.1:::::::*
	cpe:2.3:a:broadcom:common_services:2.2:::::::*
	cpe:2.3:a:broadcom:common_services:3.0:::::::*
	cpe:2.3:a:ca:anti-virus_for_the_enterprise:8::enterprise:::::
	cpe:2.3:a:ca:brightstor_arcserve_backup:11::windows:::::

No data.

References

Link	Providers
http://secunia.com/advisories/25570
http://securityreason.com/securityalert/2790
http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp
http://www.kb.cert.org/vuls/id/739409
http://www.osvdb.org/35244
http://www.securityfocus.com/archive/1/470601/100/0/threaded
http://www.securityfocus.com/archive/1/470754/100/0/threaded
http://www.securityfocus.com/bid/24331
http://www.securitytracker.com/id?1018199
http://www.vupen.com/english/advisories/2007/2072
http://www.zerodayinitiative.com/advisories/ZDI-07-034.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/34741

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-06-06T21:00:00

Updated: 2024-08-07T13:57:53.937Z

Reserved: 2007-05-24T00:00:00

Link: CVE-2007-2863

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-06-06T21:30:00.000

Modified: 2021-04-08T13:07:07.243

Link: CVE-2007-2863

Redhat

No data.

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object