1. Home
  2. CVE Database
  3. CVE-2007-3875
MEDIUM · 4.3

CVE-2007-3875

arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functio...

Vulnerability Description

arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:N/A:P
Confidentiality
NONE
Integrity
NONE
Availability
PARTIAL

Affected Products

VendorProductVersions
BroadcomAnti-Spyware2007
BroadcomAnti-Virus For The Enterprise<= 8
BroadcomAnti Virus SdkAll versions
BroadcomAntispyware For The Enterprise8
BroadcomAntivirus SdkAll versions
BroadcomBrightstor Arcserve Backup9.01
BroadcomBrightstor Arcserve ClientAll versions
BroadcomBrightstor Enterprise Backup10.5
BroadcomBrigthstor Arcserve Client For WindowsAll versions
BroadcomCommon Services11
BroadcomEtrust Antivirus8
BroadcomEtrust Antivirus Gateway7.1
BroadcomEtrust Ez Antivirus6.1
BroadcomEtrust Ez Armor1
BroadcomEtrust Internet Security Suite1
BroadcomEtrust Intrusion Detection2.0
BroadcomInternet Security Suite3.0
BroadcomSecure Content Manager1.1
BroadcomThreat Manager8
BroadcomUnicenter Network And Systems Management3.0

References

FAQ

What is CVE-2007-3875?

CVE-2007-3875 is a vulnerability with a CVSS score of 4.3 (MEDIUM). arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functio...

How severe is CVE-2007-3875?

CVE-2007-3875 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-3875?

Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Anti-Spyware, Broadcom Anti-Virus For The Enterprise, Broadcom Anti Virus Sdk, Broadcom Antispyware For The Enterprise, Broadcom Antivirus Sdk.