CERTA-2009-AVI-033
Vulnerability from certfr_avis
De multiples vulnérabilités dans CA Anti-Virus permettent de contourner le mécanisme de détection des codes malveillants.
Description
De multiples vulnérabilités ont été découvertes dans le moteur de CA Anti-Virus. À l'aide d'une archive spécifiquement constituée, un utilisateur malintentionné peut contourner le mécanisme de détection des codes malveillants.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | CA Anti-Virus for the Enterprise (autrefois appelé eTrust Antivirus) versions 7.1, r8 et r8.1 ; | ||
| Microsoft | Windows | CA ARCserve client agent for Windows ; | ||
| N/A | N/A | CA Secure Content Manager (autrefois appelé eTrust Secure Content Manager) versions 8.0 et 8.1 ; | ||
| N/A | N/A | CA Anti-Virus 2007 version v8 ; | ||
| ESET | N/A | CA Anti-Spyware 2008 ; | ||
| N/A | N/A | CA Threat Manager for the Enterprise (autrefois appelé eTrust Integrated Threat Management) versions r8 et r8.1 ; | ||
| ESET | Internet Security | CA Internet Security Suite 2008 ; | ||
| Microsoft | Windows | CA ARCserve Backup versions r11.1, r11.5 et r12 pour Windows ; | ||
| N/A | N/A | CA Network and Systems Management (autrefois appelé Unicenter Network and Systems Management versions r3.0, r3.1, r11 et r11.1 ; | ||
| ESET | N/A | CA Common Services versions r11, r11.1 ; | ||
| ESET | N/A | CA Anti-Spyware for the Enterprise (autrefois appelé eTrust PestPatrol) versions r8 et r8.1 ; | ||
| ESET | Internet Security | CA Internet Security Suite 2007 version v3 ; | ||
| N/A | N/A | CA eTrust Intrusion Detection versions 2.0 SP1, 3.0, 3.0 SP1 et 4.0 ; | ||
| N/A | N/A | CA Anti-Virus 2008 ; | ||
| ESET | N/A | eTrust EZ Antivirus versions r7 et r6.1 ; | ||
| ESET | N/A | CA ARCserve Backup versions r11.1 et r11.5 pour Linux ; | ||
| N/A | N/A | CA Protection Suites versions r2, r3 et r3.1 ; | ||
| ESET | N/A | CA Anti-Virus Gateway (autrefois appelé eTrust Antivirus Gateway) version 7.1 ; | ||
| N/A | N/A | CA Anti-Spyware 2007 ; | ||
| N/A | N/A | CA Anti-Virus SDK (autrefois appelé eTrust Anti-Virus SDK). |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CA Anti-Virus for the Enterprise (autrefois appel\u00e9 eTrust Antivirus) versions 7.1, r8 et r8.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA ARCserve client agent for Windows ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "CA Secure Content Manager (autrefois appel\u00e9 eTrust Secure Content Manager) versions 8.0 et 8.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Anti-Virus 2007 version v8 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Anti-Spyware 2008 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Threat Manager for the Enterprise (autrefois appel\u00e9 eTrust Integrated Threat Management) versions r8 et r8.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Internet Security Suite 2008 ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA ARCserve Backup versions r11.1, r11.5 et r12 pour Windows ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "CA Network and Systems Management (autrefois appel\u00e9 Unicenter Network and Systems Management versions r3.0, r3.1, r11 et r11.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Common Services versions r11, r11.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Anti-Spyware for the Enterprise (autrefois appel\u00e9 eTrust PestPatrol) versions r8 et r8.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Internet Security Suite 2007 version v3 ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA eTrust Intrusion Detection versions 2.0 SP1, 3.0, 3.0 SP1 et 4.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Anti-Virus 2008 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "eTrust EZ Antivirus versions r7 et r6.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA ARCserve Backup versions r11.1 et r11.5 pour Linux ;",
"product": {
"name": "N/A",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Protection Suites versions r2, r3 et r3.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Anti-Virus Gateway (autrefois appel\u00e9 eTrust Antivirus Gateway) version 7.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Anti-Spyware 2007 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Anti-Virus SDK (autrefois appel\u00e9 eTrust Anti-Virus SDK).",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le moteur de CA\nAnti-Virus. \u00c0 l\u0027aide d\u0027une archive sp\u00e9cifiquement constitu\u00e9e, un\nutilisateur malintentionn\u00e9 peut contourner le m\u00e9canisme de d\u00e9tection des\ncodes malveillants.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2009-0042",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0042"
}
],
"initial_release_date": "2009-01-28T00:00:00",
"last_revision_date": "2009-01-28T00:00:00",
"links": [],
"reference": "CERTA-2009-AVI-033",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2009-01-28T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s dans \u003cspan class=\"textit\"\u003eCA\nAnti-Virus\u003c/span\u003e permettent de contourner le m\u00e9canisme de d\u00e9tection des\ncodes malveillants.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans CA Anti-Virus",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 CA20090126-01 du 26 janvier 2009",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…