|
|
|
|
| |
Credit:
The information has been provided by iDefense.
The original article can be found at:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567
|
| |
Vulnerable Systems:
* eTrust AntiVirus version r8.
* (Previous versions of eTrust Antivirus are suspected vulnerable).
* (Other Computer Associates products, as well as derived products, may also be vulnerable).
When eTrust Antivirus engine scans a malformed CHM file that has an invalid 'previous listing chunk number' field, the scanner will enter an infinite loop and be unable to process any other files.
This denial of service attack will prevent the scanner from scanning other files on disk while it is stuck on the exploit file. The hung process can be quit by the user and does not consume all system resources.
Vendor Status:
Computer Associates has addressed this vulnerability by releasing updates. These updates are available via the products' automatic update features.
More information is available within Computer Associates advisory at the following URL.
http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp
CVE Information:
CVE-2007-3875
Disclosure Timeline:
* 01/16/2007 - Initial vendor notification
* 01/17/2007 - Initial vendor response
* 07/24/2007 - Coordinated public disclosure
|
|
|
|
|
