Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Broadcom
  • Anti-virus
  • Anti-virus For The Enterprise
  • Anti-virus Sdk
  • Common Services
  • Etrust Antivirus
  • Etrust Integrated Threat Management
  • Etrust Intrusion Detection
  • Etrust Secure Content Manager
  • Internet Security Suite
  • Network And Systems Management
  • Secure Content Manager
  • Unicenter Network And Systems Management
Ca
  • Anti-virus
  • Anti-virus For The Enterprise
  • Anti-virus Gateway
  • Anti-virus Plus
  • Arcserve Backup
  • Arcserve For Windows Client Agent
  • Arcserve For Windows Server Component
  • Common Services
  • Etrust Anti-virus Gateway
  • Etrust Anti-virus Sdk
  • Etrust Ez Antivirus
  • Etrust Intrusion Detection
  • Etrust Secure Content Manager
  • Gateway Security
  • Internet Security Suite 2008
  • Internet Security Suite Plus 2008
  • Internet Security Suite Plus 2009
  • Protection Suites
  • Threat Manager
  • Threat Manager Total Defense
Linux
  • Linux Kernel

Configuration 1 [-]

OR cpe:2.3:a:broadcom:anti-virus:2007:8:*:*:*:*:*:*
cpe:2.3:a:broadcom:anti-virus:2008:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:r8:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:anti-virus_sdk:*:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:common_services:11:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:common_services:11.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_antivirus:8:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_antivirus:8.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:internet_security_suite:*:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:network_and_systems_management:r3.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:network_and_systems_management:r3.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:network_and_systems_management:r11:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:network_and_systems_management:r11.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:secure_content_manager:1.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:secure_content_manager:8.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:anti-virus:2009:*:*:*:*:*:*:*
cpe:2.3:a:ca:anti-virus_for_the_enterprise:r8.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:anti-virus_gateway:7.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:anti-virus_plus:2009:*:*:*:*:*:*:*
cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*
cpe:2.3:a:ca:arcserve_for_windows_client_agent:*:*:*:*:*:*:*:*
cpe:2.3:a:ca:arcserve_for_windows_server_component:*:*:*:*:*:*:*:*
cpe:2.3:a:ca:common_services:3.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_anti-virus_gateway:7.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_anti-virus_sdk:*:*:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_ez_antivirus:r7.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_intrusion_detection:2.0:sp1:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:gateway_security:r8.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:internet_security_suite_2008:*:*:*:*:*:*:*:*
cpe:2.3:a:ca:internet_security_suite_plus_2008:*:*:*:*:*:*:*:*
cpe:2.3:a:ca:internet_security_suite_plus_2009:*:*:*:*:*:*:*:*
cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*
cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*
cpe:2.3:a:ca:protection_suites:r3.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:threat_manager:8.1:*:enterprise:*:*:*:*:*
cpe:2.3:a:ca:threat_manager:r8:*:enterprise:*:*:*:*:*
cpe:2.3:a:ca:threat_manager_total_defense:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND
OR cpe:2.3:a:ca:arcserve_backup:r11.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

No data.

References
Link Providers
http://osvdb.org/58691 cve-icon cve-icon
http://secunia.com/advisories/36976 cve-icon cve-icon
http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878 cve-icon cve-icon
http://www.securityfocus.com/archive/1/507068/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/bid/36653 cve-icon cve-icon
http://www.securitytracker.com/id?1022999 cve-icon cve-icon
http://www.vupen.com/english/advisories/2009/2852 cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/53697 cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-07T06:31:10.544Z

Reserved: 2009-10-08T00:00:00

Link: CVE-2009-3587

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2009-10-13T10:30:00.610

Modified: 2025-04-09T00:30:58.490

Link: CVE-2009-3587

cve-icon Redhat

No data.