Vulnerability Description
Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Broadcom | Anti-Spyware | 2007 |
| Broadcom | Anti-Spyware For The Enterprise | 8.1 |
| Broadcom | Anti-Virus | 2007 |
| Broadcom | Anti-Virus For The Enterprise | 7.1 |
| Broadcom | Anti-Virus Sdk | All versions |
| Broadcom | Antivirus Gateway | 7.1 |
| Broadcom | Arcserve Client Agent | - |
| Broadcom | Common Services | 11 |
| Broadcom | Etrust Ez Antivirus | r6.1 |
| Broadcom | Etrust Intrusion Detection | 3.0 |
| Broadcom | Network And Systems Management | r3.0 |
| Broadcom | Secure Content Manager | 8.0 |
| Ca | Arcserve Backup | r11.1 |
| Ca | Etrust Intrusion Detection | 2.0 |
| Ca | Internet Security Suite 2007 | 3 |
| Ca | Internet Security Suite 2008 | All versions |
| Ca | Internet Security Suite Plus 2008 | All versions |
| Ca | Protection Suites | r2 |
| Ca | Threat Manager For The Enterprise | 8.1 |
References
- http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca200901Vendor Advisory
- http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601
- http://www.securityfocus.com/archive/1/500417/100/0/threaded
- http://www.securityfocus.com/bid/33464
- http://www.securitytracker.com/id?1021639
- http://www.vupen.com/english/advisories/2009/0270
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48261
- http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca200901Vendor Advisory
- http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601
- http://www.securityfocus.com/archive/1/500417/100/0/threaded
- http://www.securityfocus.com/bid/33464
- http://www.securitytracker.com/id?1021639
- http://www.vupen.com/english/advisories/2009/0270
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48261
FAQ
What is CVE-2009-0042?
CVE-2009-0042 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008;...
How severe is CVE-2009-0042?
CVE-2009-0042 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0042?
Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Anti-Spyware, Broadcom Anti-Spyware For The Enterprise, Broadcom Anti-Virus, Broadcom Anti-Virus For The Enterprise, Broadcom Anti-Virus Sdk.