Информационная безопасность
[RU] switch to English


DoS против Computer Associates AntiVirus
Опубликовано:25 июля 2007 г.
Источник:
SecurityVulns ID:7975
Тип:удаленная
Уровень опасности:
5/10
Описание:Отказ при разборе файлов CHM и RAR.
Затронутые продукты:CA : eTrust Antivirus 8
CVE:CVE-2007-3875 (arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file.)
 CVE-2006-5645 (Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero.)
 CVE-2006-5645 (Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero.)
Оригинальный текстdocumentsecurity_(at)_nruns.com, [Full-disclosure] n.runs-SA-2007.024 - CA eTrust Antivirus Infinite Loop DoS (remote) Advisory (25.07.2007)
 documentCA, [Full-disclosure] [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities (25.07.2007)
 documentIDEFENSE, iDefense Security Advisory 07.24.07: Computer Associates AntiVirus CHM File Handling DoS Vulnerability (25.07.2007)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород