CVE-2007-2864

CA Products <30.6 - Buffer Overflow

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-2864. PoCs were published by Metasploit and MC, including the Metasploit module exploits/windows/fileformat/ca_cab.

AI-analyzed exploit summary: This exploit targets a stack buffer overflow in CA eTrust Antivirus 8.1.637 by crafting a malicious CAB file. It leverages a specific return address in inocore.dll to execute arbitrary code via a payload embedded in the CAB file structure.

Description

Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · local · windows
https://www.exploit-db.com/exploits/16677

This exploit targets a stack buffer overflow in CA eTrust Antivirus 8.1.637 by crafting a malicious CAB file. It leverages a specific return address in inocore.dll to execute arbitrary code via a payload embedded in the CAB file structure.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: CA eTrust Antivirus 8.1.637
No auth needed
Prerequisites: Victim must open the malicious CAB file
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC GOOD
by MC · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/ca_cab.rb

This Metasploit module exploits a stack buffer overflow in CA eTrust Antivirus 8.1.637 via a maliciously crafted CAB file. It leverages a known return address in inocore.dll to achieve arbitrary code execution.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: CA eTrust Antivirus 8.1.637
No auth needed
Prerequisites: Victim must open the malicious CAB file
devstral-2 · analyzed Feb 16, 2026

References (11)

Core References
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24330
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/470602/100/0/threaded
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/105105
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2072
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-07-035.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/470754/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34737
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1018199
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/35245
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25570

Scores

EPSS 0.4965
EPSS Percentile 98.7%

Details

Status published
Products (33)
broadcom/anti-virus_for_the_enterprise 8
broadcom/brightstor_arcserve_backup 9.01
broadcom/brightstor_arcserve_backup 10.5
broadcom/brightstor_arcserve_backup 11
broadcom/brightstor_arcserve_backup 11.1
broadcom/brightstor_arcserve_backup 11.5
broadcom/common_services 1.0
broadcom/common_services 1.1
broadcom/common_services 2.0
broadcom/common_services 2.1
... and 23 more
Published Jun 06, 2007
Tracked Since Feb 18, 2026