CA杀毒引擎arclib库多个内存破坏漏洞
来源:岁月联盟
时间:2009-10-13
Computer Associates eTrust Intrusion Detection 3.0 SP1
Computer Associates eTrust Intrusion Detection 3.0
Computer Associates eTrust Intrusion Detection 2.0 SP1
Computer Associates Common Services r3.1
Computer Associates Common Services r11.1
Computer Associates Common Services r11
Computer Associates Anti-Virus Plus 2009
Computer Associates Anti-Virus for the Enterprise r8.1
Computer Associates Anti-Virus for the Enterprise r8
Computer Associates Anti-Virus for the Enterprise 7.1
Computer Associates Anti-Virus 2009
Computer Associates Anti-Virus 2008
Computer Associates Anti-Virus 2007 (v8)
Computer Associates Internet Security Suite Plus 2009
Computer Associates Internet Security Suite Plus 2008
Computer Associates Internet Security Suite 2008
Computer Associates Internet Security Suite 2007 v3.0
Computer Associates Protection Suites 3.1
Computer Associates Protection Suites 3
Computer Associates Protection Suites 2
Computer Associates Threat Manager for the Enterprise r8.1
Computer Associates Threat Manager for the Enterprise r8
Computer Associates Secure Content Manager 8.0
Computer Associates Secure Content Manager 1.1
Computer Associates ARCserve Backup r12.0 SP2
Computer Associates ARCserve Backup r12.0 SP1
Computer Associates ARCserve Backup r12.0
Computer Associates ARCserve Backup r11.5
Computer Associates ARCserve Backup r11.1
Computer Associates Gateway Security r8.1
Computer Associates NSM 3.1
Computer Associates NSM 3.0
Computer Associates NSM 11.1
Computer Associates NSM 11
Computer Associates Anti-Virus Gateway 7.1漏洞描述:
BUGTRAQ ID: 36653
CVE ID: CVE-2009-3587,CVE-2009-3588
Computer Associates是世界领先的安全厂商,产品包括多种杀毒软件及备份恢复系统。
多个CA产品杀毒引擎所使用的arclib组件在解析畸形RAR压缩文件时存在堆或栈内存破坏,用户受骗打开恶意文件就会导致拒绝服务或执行任意指令。<*参考
http://secunia.com/advisories/36976/
http://marc.info/?l=bugtraq&m=125509973107816&w=2
*>
SEBUG安全建议:
厂商补丁:
Computer Associates
-------------------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://www.cai.com/
