CA Anti-Virus Engine Malformed CAB File Name Remote Stack Overflow Vulnerability

Release date: 2007-06-05
Last updated: 2007-06-06

Affected systems:
Computer Associates BrightStor ARCserve Backup R11.5
Computer Associates BrightStor ARCserve Backup R11.1
Computer Associates BrightStor ARCserve Backup r11.0 for Windows
Computer Associates BrightStor ARCserve Backup r10.5
Computer Associates BrightStor ARCserve Backup 9.01
Computer Associates Anti-Virus SDK
Computer Associates Anti-Virus Gateway 7.1
Computer Associates Anti-Virus for the Enterprise r8.1
Computer Associates Anti-Virus for the Enterprise r8
Computer Associates Anti-Virus 2007 (v8)
Computer Associates Internet Security Suite 2007 v3.0
Computer Associates Protection Suites r3
Computer Associates Protection Suites r2
Computer Associates eTrust EZ Antivirus r7
Computer Associates eTrust EZ Antivirus r6.1
Computer Associates eTrust Internet Security Suite r2
Computer Associates eTrust Internet Security Suite r1
Computer Associates eTrust EZ Armor r3.x
Computer Associates eTrust EZ Armor r2
Computer Associates eTrust EZ Armor r1
Computer Associates Threat Manager for the Enterprise r8
Computer Associates Secure Content Manager 8.0
Computer Associates Unicenter NSM r3.1
Computer Associates Unicenter NSM r3.0
Computer Associates Unicenter NSM r11.1
Computer Associates Unicenter NSM r11
Description:
BUGTRAQ  ID: 24331
CVE(CAN) ID: CVE-2007-2863

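Computer Associates is a world-leading security vendor whose products include a range of antivirus software and backup and recovery systems.

The antivirus engine in multiple CA products has a stack overflow vulnerability when parsing .CAB archives with malformed content; a remote attacker could exploit this vulnerability to take control of the system.

The overflow is triggered when the vete.dll module in the package processes an overlong file name inside a .CAB archive, leading to arbitrary code execution.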

<*Source: ZDI (http://www.zerodayinitiative.com/)
  
  Links: http://marc.info/?l=bugtraq&m=118107467213086&w=2
        http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp
        http://secunia.com/advisories/25570/
        http://marc.info/?l=bugtraq&m=118123294625331&w=2
*>
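
The class of flaw described above comes down to reading a file name from the archive without bounding it. The following is an added example, not code from CA or from this advisory: a bounds-checked walk over the CFFILE entries of a cabinet that rejects unterminated or overlong names before anything is copied. The function names, the `CAB_MAX_NAME` limit and the sample bytes are assumptions of this example; the field offsets follow the published CAB header layout.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define CAB_MAX_NAME 256 /* this example's limit for szName incl. NUL (assumption) */

static uint32_t rd32(const uint8_t *p) {
    return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24;
}
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }

/* Walk the CFFILE table. Returns the number of entries checked, or -1 if the
   cabinet is malformed: bad signature, truncated entry, or a file name that is
   not NUL-terminated within CAB_MAX_NAME bytes and within the buffer. */
int cab_check_names(const uint8_t *buf, size_t len) {
    if (len < 36 || memcmp(buf, "MSCF", 4) != 0) return -1;
    size_t off = rd32(buf + 16);      /* CFHEADER.coffFiles */
    unsigned nfiles = rd16(buf + 28); /* CFHEADER.cFiles */
    for (unsigned i = 0; i < nfiles; i++) {
        /* need the 16-byte fixed part of CFFILE plus at least the NUL */
        if (off > len || len - off < 17) return -1;
        const uint8_t *name = buf + off + 16;
        size_t avail = len - off - 16;
        size_t limit = avail < CAB_MAX_NAME ? avail : CAB_MAX_NAME;
        const uint8_t *nul = memchr(name, 0, limit);
        if (nul == NULL) return -1;   /* overlong or unterminated name */
        off += 16 + (size_t)(nul - name) + 1;
    }
    return (int)nfiles;
}

/* Constructed test fixture: a 36-byte CFHEADER followed by one CFFILE entry
   with a name of name_len bytes. Header-only fragment, not a full cabinet. */
size_t make_sample(uint8_t *out, size_t cap, size_t name_len) {
    size_t total = 36 + 16 + name_len + 1;
    if (total > cap) return 0;
    memset(out, 0, total);
    memcpy(out, "MSCF", 4);
    out[16] = 36;                     /* coffFiles: table starts after header */
    out[28] = 1;                      /* cFiles */
    memset(out + 52, 'A', name_len);
    return total;
}

int main(void) {
    uint8_t b[1024];
    size_t n = make_sample(b, sizeof b, 12);
    printf("12-byte name:  %d\n", cab_check_names(b, n));
    n = make_sample(b, sizeof b, 600);
    printf("600-byte name: %d\n", cab_check_names(b, n));
    return 0;
}
```
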

Recommendation:
Vendor patch:

Computer Associates
-------------------
The vendor has released an update that fixes this security issue. Download it from the vendor's home page:

http://www.cai.com/

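This vulnerability advisory was translated and compiled by NSFOCUS (绿盟科技). All rights reserved; do not reproduce without permission.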