Intrusion PreventionCA.Multiple.Products.Arclib.DLL.Malformed.CHM.File.Remote.DoS
Description
This indicates a possible attempt to exploit a Denial of Service vulnerability in various CA products.
The vulnerability is caused by errors in the "Arclib" library when processing a malformed "CHM" or "RAR" file.
Affected Products
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.0, 7.1, r8, r8.1
CA Anti-Virus 2007 (v8)
eTrust EZ Antivirus r7, r6.1
CA Internet Security Suite 2007 (v3)
eTrust Internet Security Suite r1, r2
eTrust EZ Armor r1, r2, r3.x
CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8, 8.1
CA Anti-Virus Gateway (formerly eTrust Antivirus eTrust Antivirus Gateway) 7.1
CA Protection Suites r2, r3
CA Secure Content Manager (formerly eTrust Secure Content Manager) 1.1, 8.0
CA Anti-Spyware for the Enterprise (Formerly eTrust PestPatrol) r8, 8.1
CA Anti-Spyware 2007
Unicenter Network and Systems Management (NSM) r3.0
Unicenter Network and Systems Management (NSM) r3.1
Unicenter Network and Systems Management (NSM) r11
Unicenter Network and Systems Management (NSM) r11.1
BrightStor ARCserve Backup r11.5 on Windows, Linux
BrightStor ARCserve Backup r11.1 on Windows, Linux
BrightStor ARCserve Backup r11 for Windows
BrightStor Enterprise Backup r10.5 on Windows
BrightStor ARCserve Backup v9.01 on Windows, Linux
BrightStor ARCserve Client agent for Windows
eTrust Intrusion Detection 2.0 SP1, 3.0, 3.0 SP1
CA Common Services (CCS) r11
CA Common Services (CCS) r11.1
CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)
Impact
Denial of service.
Recommended Actions
Apply the patches available from the web site below:
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 29651 |
| Created | Oct 20, 2011 |
| Updated | Feb 24, 2022 |
| Risk |
|
| CVE ID | CVE-2007-3875 |
| Exploit Prediction Score | 46.82% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | CA |