TUCoPS :: Security App Flaws :: tb11168.htm

CA Multiple Product AV Engine CAB Header Parsing Stack Overflow Vulnerability
ZDI-07-035: CA Multiple Product AV Engine CAB Header Parsing Stack Overflow Vulnerability
ZDI-07-035: CA Multiple Product AV Engine CAB Header Parsing Stack Overflow Vulnerability


WkRJLTA3LTAzNTogQ0EgTXVsdGlwbGUgUHJvZHVjdCBBViBFbmdpbmUgQ0FCIEhlYWRlciBQYXJz
aW5nIFN0YWNrDQogICAgICAgICAgICBPdmVyZmxvdyBWdWxuZXJhYmlsaXR5DQpodHRwOi8vd3d3
Lnplcm9kYXlpbml0aWF0aXZlLmNvbS9hZHZpc29yaWVzL1pESS0wNy0wMzUuaHRtbA0KSnVuZSAg
NSwgMjAwNw0KDQotLSBDVkUgSUQ6DQpDVkUtMjAwNy0yODY0DQoNCi0tIEFmZmVjdGVkIFZlbmRv
cjoNCkNvbXB1dGVyIEFzc29jaWF0ZXMNCg0KLS0gQWZmZWN0ZWQgUHJvZHVjdHM6DQpDQSBBbnRp
LVZpcnVzDQplVHJ1c3QgRVogQW50aXZpcnVzDQpDQSBJbnRlcm5ldCBTZWN1cml0eSBTdWl0ZSAy
MDA3DQplVHJ1c3QgSW50ZXJuZXQgU2VjdXJpdHkgU3VpdGUNCmVUcnVzdCBFWiBBcm1vcg0KQ0Eg
VGhyZWF0IE1hbmFnZXINCkNBIFByb3RlY3Rpb24gU3VpdGVzDQpDQSBTZWN1cmUgQ29udGVudCBN
YW5hZ2VyDQpDQSBBbnRpLVZpcnVzIEdhdGV3YXkNClVuaWNlbnRlciBOZXR3b3JrIGFuZCBTeXN0
ZW1zIE1hbmFnZW1lbnQNCkJyaWdodFN0b3IgQVJDc2VydmUgQmFja3VwDQpDQSBDb21tb24gU2Vy
dmljZXMNCg0KLS0gVnVsbmVyYWJpbGl0eSBEZXRhaWxzOg0KVGhpcyB2dWxuZXJhYmlsaXR5IGFs
bG93cyByZW1vdGUgYXR0YWNrZXJzIHRvIGV4ZWN1dGUgYXJiaXRyYXJ5IGNvZGUgb24NCnZ1bG5l
cmFibGUgaW5zdGFsbGF0aW9ucyBvZiB2YXJpb3VzIENvbXB1dGVyIEFzc29jaWF0ZXMgcHJvZHVj
dHMuDQoNClRoZSBzcGVjaWZpYyBmbGF3IGV4aXN0cyB3aXRoaW4gdGhlIHByb2Nlc3Npbmcgb2Yg
YW4gaW1wcm9wZXJseSBkZWZpbmVkDQoiY29mZkZpbGVzIiBmaWVsZCBpbiAuQ0FCIGFyY2hpdmVz
LiBMYXJnZSB2YWx1ZXMgcmVzdWx0IGluIGFuIHVuYm91bmRlZA0KZGF0YSBjb3B5IG9wZXJhdGlv
biB3aGljaCBjYW4gcmVzdWx0IGluIGFuIGV4cGxvaXRhYmxlIHN0YWNrLWJhc2VkDQpidWZmZXIg
b3ZlcmZsb3cuDQoNCi0tIFZlbmRvciBSZXNwb25zZToNCkNvbXB1dGVyIEFzc29jaWF0ZXMgaGFz
IGlzc3VlZCBhbiB1cGRhdGUgdG8gY29ycmVjdCB0aGlzIHZ1bG5lcmFiaWxpdHkuDQpNb3JlIGRl
dGFpbHMgY2FuIGJlIGZvdW5kIGF0Og0KIA0KaHR0cDovL3N1cHBvcnRjb25uZWN0dy5jYS5jb20v
cHVibGljL2FudGl2aXJ1cy9pbmZvZG9jcy9jYWFudGl2aXJ1cy1zZWN1cml0eW5vdGljZS5hc3AN
Cg0KLS0gRGlzY2xvc3VyZSBUaW1lbGluZToNCjIwMDcuMDIuMTYgLSBWdWxuZXJhYmlsaXR5IHJl
cG9ydGVkIHRvIHZlbmRvcg0KMjAwNy4wNi4wNSAtIENvb3JkaW5hdGVkIHB1YmxpYyByZWxlYXNl
IG9mIGFkdmlzb3J5DQoNCi0tIENyZWRpdDoNClRoaXMgdnVsbmVyYWJpbGl0eSB3YXMgZGlzY292
ZXJlZCBieSBhbiBhbm9ueW1vdXMgcmVzZWFyY2hlci4NCg0KLS0gQWJvdXQgdGhlIFplcm8gRGF5
IEluaXRpYXRpdmUgKFpESSk6DQpFc3RhYmxpc2hlZCBieSBUaXBwaW5nUG9pbnQsIGEgZGl2aXNp
b24gb2YgM0NvbSwgVGhlIFplcm8gRGF5IEluaXRpYXRpdmUNCihaREkpIHJlcHJlc2VudHMgYSBi
ZXN0LW9mLWJyZWVkIG1vZGVsIGZvciByZXdhcmRpbmcgc2VjdXJpdHkNCnJlc2VhcmNoZXJzIGZv
ciByZXNwb25zaWJseSBkaXNjbG9zaW5nIGRpc2NvdmVyZWQgdnVsbmVyYWJpbGl0aWVzLg0KDQpS
ZXNlYXJjaGVycyBpbnRlcmVzdGVkIGluIGdldHRpbmcgcGFpZCBmb3IgdGhlaXIgc2VjdXJpdHkg
cmVzZWFyY2gNCnRocm91Z2ggdGhlIFpESSBjYW4gZmluZCBtb3JlIGluZm9ybWF0aW9uIGFuZCBz
aWduLXVwIGF0Og0KDQogICAgaHR0cDovL3d3dy56ZXJvZGF5aW5pdGlhdGl2ZS5jb20NCg0KVGhl
IFpESSBpcyB1bmlxdWUgaW4gaG93IHRoZSBhY3F1aXJlZCB2dWxuZXJhYmlsaXR5IGluZm9ybWF0
aW9uIGlzIHVzZWQuDQozQ29tIGRvZXMgbm90IHJlLXNlbGwgdGhlIHZ1bG5lcmFiaWxpdHkgZGV0
YWlscyBvciBhbnkgZXhwbG9pdCBjb2RlLg0KSW5zdGVhZCwgdXBvbiBub3RpZnlpbmcgdGhlIGFm
ZmVjdGVkIHByb2R1Y3QgdmVuZG9yLCAzQ29tIHByb3ZpZGVzIGl0cw0KY3VzdG9tZXJzIHdpdGgg
emVybyBkYXkgcHJvdGVjdGlvbiB0aHJvdWdoIGl0cyBpbnRydXNpb24gcHJldmVudGlvbg0KdGVj
aG5vbG9neS4gRXhwbGljaXQgZGV0YWlscyByZWdhcmRpbmcgdGhlIHNwZWNpZmljcyBvZiB0aGUN
CnZ1bG5lcmFiaWxpdHkgYXJlIG5vdCBleHBvc2VkIHRvIGFueSBwYXJ0aWVzIHVudGlsIGFuIG9m
ZmljaWFsIHZlbmRvcg0KcGF0Y2ggaXMgcHVibGljbHkgYXZhaWxhYmxlLiBGdXJ0aGVybW9yZSwg
d2l0aCB0aGUgYWx0cnVpc3RpYyBhaW0gb2YNCmhlbHBpbmcgdG8gc2VjdXJlIGEgYnJvYWRlciB1
c2VyIGJhc2UsIDNDb20gcHJvdmlkZXMgdGhpcyB2dWxuZXJhYmlsaXR5DQppbmZvcm1hdGlvbiBj
b25maWRlbnRpYWxseSB0byBzZWN1cml0eSB2ZW5kb3JzIChpbmNsdWRpbmcgY29tcGV0aXRvcnMp
DQp3aG8gaGF2ZSBhIHZ1bG5lcmFiaWxpdHkgcHJvdGVjdGlvbiBvciBtaXRpZ2F0aW9uIHByb2R1
Y3QuDQoNCg0KQ09ORklERU5USUFMSVRZIE5PVElDRTogVGhpcyBlLW1haWwgbWVzc2FnZSwgaW5j
bHVkaW5nIGFueSBhdHRhY2htZW50cywKaXMgYmVpbmcgc2VudCBieSAzQ29tIGZvciB0aGUgc29s
ZSB1c2Ugb2YgdGhlIGludGVuZGVkIHJlY2lwaWVudChzKSBhbmQKbWF5IGNvbnRhaW4gY29uZmlk
ZW50aWFsLCBwcm9wcmlldGFyeSBhbmQvb3IgcHJpdmlsZWdlZCBpbmZvcm1hdGlvbi4KQW55IHVu
YXV0aG9yaXplZCByZXZpZXcsIHVzZSwgZGlzY2xvc3VyZSBhbmQvb3IgZGlzdHJpYnV0aW9uIGJ5
IGFueSAKcmVjaXBpZW50IGlzIHByb2hpYml0ZWQuICBJZiB5b3UgYXJlIG5vdCB0aGUgaW50ZW5k
ZWQgcmVjaXBpZW50LCBwbGVhc2UKZGVsZXRlIGFuZC9vciBkZXN0cm95IGFsbCBjb3BpZXMgb2Yg
dGhpcyBtZXNzYWdlIHJlZ2FyZGxlc3Mgb2YgZm9ybSBhbmQKYW55IGluY2x1ZGVkIGF0dGFjaG1l
bnRzIGFuZCBub3RpZnkgM0NvbSBpbW1lZGlhdGVseSBieSBjb250YWN0aW5nIHRoZQpzZW5kZXIg
dmlhIHJlcGx5IGUtbWFpbCBvciBmb3J3YXJkaW5nIHRvIDNDb20gYXQgcG9zdG1hc3RlckAzY29t
LmNvbS4gCg=

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH