CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2009-0042

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0960%
EPSS Percentile33.28th
Published2009年1月28日
Last Modified2026年4月23日

Vulnerability Description

Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file.

Affected Platforms (CPE)

📦
Broadcom

Anti Spyware

= 2007
📦
Broadcom

Anti Spyware

= 2008
📦
Broadcom

Anti Spyware For The Enterprise

= 8.1
📦
Broadcom

Anti Spyware For The Enterprise

= r8
📦
Broadcom

Anti Virus

= 2007
📦
Broadcom

Anti Virus

= 2008
📦
Broadcom

Anti Virus For The Enterprise

= 7.1
📦
Broadcom

Anti Virus For The Enterprise

= 8.1
📦
Broadcom

Anti Virus For The Enterprise

= r8
📦
Broadcom

Anti Virus Sdk

All versions
📦
Broadcom

Antivirus Gateway

= 7.1
📦
Broadcom

Arcserve Client Agent

All versions
📦
Broadcom

Common Services

= 11
📦
Broadcom

Common Services

= 11.1
📦
Broadcom

Etrust Ez Antivirus

= r6.1
📦
Broadcom

Etrust Ez Antivirus

= r7
📦
Broadcom

Etrust Intrusion Detection

= 3.0
📦
Broadcom

Etrust Intrusion Detection

= 4.0
📦
Broadcom

Network And Systems Management

= r3.0
📦
Broadcom

Network And Systems Management

= r3.1
📦
Broadcom

Network And Systems Management

= r11
📦
Broadcom

Network And Systems Management

= r11.1
📦
Broadcom

Secure Content Manager

= 8.0
📦
Broadcom

Secure Content Manager

= 8.1
📦
Ca

Arcserve Backup

= r11.1
📦
Ca

Arcserve Backup

= r11.1
📦
Ca

Arcserve Backup

= r11.5_nil_
📦
Ca

Arcserve Backup

= r11.5_nil_
📦
Ca

Arcserve Backup

= r12.0_nil_
📦
Ca

Etrust Intrusion Detection

= 2.0
📦
Ca

Etrust Intrusion Detection

= 3.0
📦
Ca

Internet Security Suite 2007

= 3
📦
Ca

Internet Security Suite 2008

All versions
📦
Ca

Internet Security Suite Plus 2008

All versions
📦
Ca

Protection Suites

= r2
📦
Ca

Protection Suites

= r3
📦
Ca

Protection Suites

= r3.1
📦
Ca

Threat Manager For The Enterprise

= 8.1
📦
Ca

Threat Manager For The Enterprise

= r8

References & Advisories

🔗 http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca20090126-01-ca-anti-virus-engine-detection-evasion-multiple-vulnerabilities.aspx
🔗 http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601
🔗 http://www.securityfocus.com/archive/1/500417/100/0/threaded
🔗 http://www.securityfocus.com/bid/33464
🔗 http://www.securitytracker.com/id?1021639
🔗 http://www.vupen.com/english/advisories/2009/0270
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/48261
🔗 http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca20090126-01-ca-anti-virus-engine-detection-evasion-multiple-vulnerabilities.aspx

相關漏洞威脅

CVE-2007-252210.0

Stack-based buffer overflow in the inoweb Console Server in CA Anti-Virus for the Enterprise r8, Threat Manager r8, Anti-Spyware f...

CVE-2005-35607.5

Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spywa...

CVE-2006-08587.2

Unquoted Windows search path vulnerability in (1) snsmcon.exe, (2) the autostartup mechanism, and (3) an unspecified installation ...

CVE-2007-08567.2

TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used ...

CVE-2009-0042 Detail & Impact Analysis | CVSS 10.0 (CRITICAL) | Cyber-Sec.Space | Cyber-Sec.Space