Trend Micro Security

CA Product AV Engine CAB Header Parsing Stack Overflow

2011年2月15日
  危険度: : 緊急

  概要

 Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.

  トレンドマイクロの対策

Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities. Please refer to the filter number and filter name when applying appropriate DPI and/or IDF rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1001009
  Trend Micro Deep Security DPI Rule Name: 1001009 - CA Product AV Engine CAB Header Parsing Stack Overflow

  影響を受けるソフトウェア

  • Computer Associates Anti-Virus r8
  • Computer Associates BrightStor ARCserve Backup 10.5
  • Computer Associates BrightStor ARCserve Backup 11.0
  • Computer Associates BrightStor ARCserve Backup 11.1
  • Computer Associates BrightStor ARCserve Backup 11.5
  • Computer Associates BrightStor ARCserve Backup 9.01
  • Computer Associates Common Services 1.0
  • Computer Associates Common Services 1.1
  • Computer Associates Common Services 2.0
  • Computer Associates Common Services 2.1
  • Computer Associates Common Services 2.2
  • Computer Associates Common Services 3.0
  • Computer Associates Integrated Threat Management 8.0
  • Computer Associates Internet Security Suite 1.0
  • Computer Associates Internet Security Suite 2.0
  • Computer Associates Internet Security Suite 2007 v3.0
  • Computer Associates Protection Suites r2
  • Computer Associates Protection Suites r3
  • Computer Associates Unicenter Network and Systems Management 11
  • Computer Associates Unicenter Network and Systems Management 11.1
  • Computer Associates Unicenter Network and Systems Management 3.0
  • Computer Associates Unicenter Network and Systems Management 3.1
  • Computer Associates eTrust Anti-Virus SDK
  • Computer Associates eTrust Antivirus 2007 8.1
  • Computer Associates eTrust Antivirus 8.0
  • Computer Associates eTrust Antivirus for the Gateway 7.1
  • Computer Associates eTrust EZ Antivirus 6.1
  • Computer Associates eTrust EZ Antivirus 7.0
  • Computer Associates eTrust EZ Armor 1.0
  • Computer Associates eTrust EZ Armor 2.0
  • Computer Associates eTrust EZ Armor 3.0
  • Computer Associates eTrust EZ Armor 3.1
  • Computer Associates eTrust Secure Content Manager 8.0