CVE-2009-3587
CA Anti-Virus - Denial of Service and Possible Remote Code Execution via Crafted RAR Archive
Title source: llmDescription
Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588.
References (8)
Core 8
Core References
Broken Link, Patch, Vendor Advisory x_refsource_confirm
http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/58691
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/36976
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1022999
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/2852
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/53697
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/507068/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/36653
Scores
EPSS
0.0739
EPSS Percentile
91.8%
Details
Status
published
Products (50)
broadcom/anti-virus
2007 8
broadcom/anti-virus
2008
broadcom/anti-virus_for_the_enterprise
7.1
broadcom/anti-virus_for_the_enterprise
r8
broadcom/anti-virus_sdk
broadcom/common_services
11
broadcom/common_services
11.1
broadcom/etrust_antivirus
7.1
broadcom/etrust_antivirus
8
broadcom/etrust_antivirus
8.1
... and 40 more
Published
Oct 13, 2009
Tracked Since
Feb 18, 2026