Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2007-2864

Published: Jun 06, 2007 | Modified: Apr 14, 2021
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2007-2864
CWEhttps://cwe.mitre.org/data/definitions/NVD-Other.html

Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.

Affected Software

Name Vendor Start Version End Version
Anti-virus_for_the_enterprise Broadcom 8 (including) 8 (including)
Brightstor_arcserve_backup Broadcom 9.01 (including) 9.01 (including)
Brightstor_arcserve_backup Broadcom 10.5 (including) 10.5 (including)
Brightstor_arcserve_backup Broadcom 11 (including) 11 (including)
Brightstor_arcserve_backup Broadcom 11.1 (including) 11.1 (including)
Brightstor_arcserve_backup Broadcom 11.5 (including) 11.5 (including)
Common_services Broadcom 1.0 (including) 1.0 (including)
Common_services Broadcom 1.1 (including) 1.1 (including)
Common_services Broadcom 2.0 (including) 2.0 (including)
Common_services Broadcom 2.1 (including) 2.1 (including)
Common_services Broadcom 2.2 (including) 2.2 (including)
Common_services Broadcom 3.0 (including) 3.0 (including)
Etrust_antivirus Broadcom 8.0 (including) 8.0 (including)
Etrust_antivirus Broadcom 8.1 (including) 8.1 (including)
Etrust_antivirus_gateway Broadcom 7.1 (including) 7.1 (including)
Etrust_antivirus_sdk Broadcom * *
Etrust_ez_antivirus Broadcom 6.1 (including) 6.1 (including)
Etrust_ez_antivirus Broadcom 7.0 (including) 7.0 (including)
Etrust_ez_armor Broadcom 1.0 (including) 1.0 (including)
Etrust_ez_armor Broadcom 2.0 (including) 2.0 (including)
Etrust_ez_armor Broadcom 3.0 (including) 3.0 (including)
Etrust_ez_armor Broadcom 3.1 (including) 3.1 (including)
Integrated_threat_management Broadcom 8.0 (including) 8.0 (including)
Internet_security_suite Broadcom 1.0 (including) 1.0 (including)
Internet_security_suite Broadcom 2.0 (including) 2.0 (including)
Internet_security_suite Broadcom 3.0 (including) 3.0 (including)
Unicenter_network_and_systems_management Broadcom 3.0 (including) 3.0 (including)
Unicenter_network_and_systems_management Broadcom 3.1 (including) 3.1 (including)
Unicenter_network_and_systems_management Broadcom 11 (including) 11 (including)
Unicenter_network_and_systems_management Broadcom 11.1 (including) 11.1 (including)
Etrust_secure_content_manager Ca 8.0 (including) 8.0 (including)
Protection_suites Ca r2 (including) r2 (including)
Protection_suites Ca r3 (including) r3 (including)

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use