TUCoPS :: Security App Flaws :: tb11170.htm

CA Multiple Product AV Engine CAB Filename Parsing Stack Overflow Vulnerability
ZDI-07-034: CA Multiple Product AV Engine CAB Filename Parsing Stack Overflow Vulnerability
ZDI-07-034: CA Multiple Product AV Engine CAB Filename Parsing Stack Overflow Vulnerability


WkRJLTA3LTAzNDogQ0EgTXVsdGlwbGUgUHJvZHVjdCBBViBFbmdpbmUgQ0FCIEZpbGVuYW1lIFBh
cnNpbmcgU3RhY2sNCiAgICAgICAgICAgIE92ZXJmbG93IFZ1bG5lcmFiaWxpdHkNCmh0dHA6Ly93
d3cuemVyb2RheWluaXRpYXRpdmUuY29tL2Fkdmlzb3JpZXMvWkRJLTA3LTAzNC5odG1sDQpKdW5l
ICA1LCAyMDA3DQoNCi0tIENWRSBJRDoNCkNWRS0yMDA3LTI4NjMNCg0KLS0gQWZmZWN0ZWQgVmVu
ZG9yOg0KQ29tcHV0ZXIgQXNzb2NpYXRlcw0KDQotLSBBZmZlY3RlZCBQcm9kdWN0czoNCkNBIEFu
dGktVmlydXMNCmVUcnVzdCBFWiBBbnRpdmlydXMNCkNBIEludGVybmV0IFNlY3VyaXR5IFN1aXRl
IDIwMDcNCmVUcnVzdCBJbnRlcm5ldCBTZWN1cml0eSBTdWl0ZQ0KZVRydXN0IEVaIEFybW9yDQpD
QSBUaHJlYXQgTWFuYWdlcg0KQ0EgUHJvdGVjdGlvbiBTdWl0ZXMNCkNBIFNlY3VyZSBDb250ZW50
IE1hbmFnZXINCkNBIEFudGktVmlydXMgR2F0ZXdheQ0KVW5pY2VudGVyIE5ldHdvcmsgYW5kIFN5
c3RlbXMgTWFuYWdlbWVudA0KQnJpZ2h0U3RvciBBUkNzZXJ2ZSBCYWNrdXANCkNBIENvbW1vbiBT
ZXJ2aWNlcw0KDQotLSBUaXBwaW5nUG9pbnQoVE0pIElQUyBDdXN0b21lciBQcm90ZWN0aW9uOg0K
VGlwcGluZ1BvaW50IElQUyBjdXN0b21lcnMgaGF2ZSBiZWVuIHByb3RlY3RlZCBhZ2FpbnN0IHRo
aXMNCnZ1bG5lcmFiaWxpdHkgc2luY2UgTm92ZW1iZXIgMzAsIDIwMDYgYnkgRGlnaXRhbCBWYWNj
aW5lIHByb3RlY3Rpb24NCmZpbHRlciBJRCA0ODc0LiBGb3IgZnVydGhlciBwcm9kdWN0IGluZm9y
bWF0aW9uIG9uIHRoZSBUaXBwaW5nUG9pbnQgSVBTOg0KDQogICAgaHR0cDovL3d3dy50aXBwaW5n
cG9pbnQuY29tIA0KDQotLSBWdWxuZXJhYmlsaXR5IERldGFpbHM6DQpUaGlzIHZ1bG5lcmFiaWxp
dHkgYWxsb3dzIHJlbW90ZSBhdHRhY2tlcnMgdG8gZXhlY3V0ZSBhcmJpdHJhcnkgY29kZSBvbg0K
dnVsbmVyYWJsZSBpbnN0YWxsYXRpb25zIG9mIHZhcmlvdXMgQ29tcHV0ZXIgQXNzb2NpYXRlcyBw
cm9kdWN0cy4NCg0KVGhlIHNwZWNpZmljIGZsYXcgZXhpc3RzIGluIHRoZSBwYXJzaW5nIG9mIC5D
QUIgYXJjaGl2ZXMuIFdoZW4gYSBsb25nDQpmaWxlbmFtZSBjb250YWluZWQgaW4gdGhlIC5DQUIg
aXMgcHJvY2Vzc2VkIGJ5IHZldGUuZGxsIGFuIGV4cGxvaXRhYmxlDQpzdGFjayBvdmVyZmxvdyBt
YXkgb2NjdXIuDQoNCi0tIFZlbmRvciBSZXNwb25zZToNCkNvbXB1dGVyIEFzc29jaWF0ZXMgaGFz
IGlzc3VlZCBhbiB1cGRhdGUgdG8gY29ycmVjdCB0aGlzIHZ1bG5lcmFiaWxpdHkuDQpNb3JlIGRl
dGFpbHMgY2FuIGJlIGZvdW5kIGF0Og0KIA0KaHR0cDovL3N1cHBvcnRjb25uZWN0dy5jYS5jb20v
cHVibGljL2FudGl2aXJ1cy9pbmZvZG9jcy9jYWFudGl2aXJ1cy1zZWN1cml0eW5vdGljZS5hc3AN
Cg0KLS0gRGlzY2xvc3VyZSBUaW1lbGluZToNCjIwMDYuMTEuMDggLSBWdWxuZXJhYmlsaXR5IHJl
cG9ydGVkIHRvIHZlbmRvcg0KMjAwNi4xMS4zMCAtIERpZ2l0YWwgVmFjY2luZSByZWxlYXNlZCB0
byBUaXBwaW5nUG9pbnQgY3VzdG9tZXJzDQoyMDA3LjA2LjA1IC0gQ29vcmRpbmF0ZWQgcHVibGlj
IHJlbGVhc2Ugb2YgYWR2aXNvcnkNCg0KLS0gQ3JlZGl0Og0KVGhpcyB2dWxuZXJhYmlsaXR5IHdh
cyBkaXNjb3ZlcmVkIGJ5IGFuIGFub255bW91cyByZXNlYXJjaGVyLg0KDQotLSBBYm91dCB0aGUg
WmVybyBEYXkgSW5pdGlhdGl2ZSAoWkRJKToNCkVzdGFibGlzaGVkIGJ5IFRpcHBpbmdQb2ludCwg
YSBkaXZpc2lvbiBvZiAzQ29tLCBUaGUgWmVybyBEYXkgSW5pdGlhdGl2ZQ0KKFpESSkgcmVwcmVz
ZW50cyBhIGJlc3Qtb2YtYnJlZWQgbW9kZWwgZm9yIHJld2FyZGluZyBzZWN1cml0eQ0KcmVzZWFy
Y2hlcnMgZm9yIHJlc3BvbnNpYmx5IGRpc2Nsb3NpbmcgZGlzY292ZXJlZCB2dWxuZXJhYmlsaXRp
ZXMuDQoNClJlc2VhcmNoZXJzIGludGVyZXN0ZWQgaW4gZ2V0dGluZyBwYWlkIGZvciB0aGVpciBz
ZWN1cml0eSByZXNlYXJjaA0KdGhyb3VnaCB0aGUgWkRJIGNhbiBmaW5kIG1vcmUgaW5mb3JtYXRp
b24gYW5kIHNpZ24tdXAgYXQ6DQoNCiAgICBodHRwOi8vd3d3Lnplcm9kYXlpbml0aWF0aXZlLmNv
bQ0KDQpUaGUgWkRJIGlzIHVuaXF1ZSBpbiBob3cgdGhlIGFjcXVpcmVkIHZ1bG5lcmFiaWxpdHkg
aW5mb3JtYXRpb24gaXMgdXNlZC4NCjNDb20gZG9lcyBub3QgcmUtc2VsbCB0aGUgdnVsbmVyYWJp
bGl0eSBkZXRhaWxzIG9yIGFueSBleHBsb2l0IGNvZGUuDQpJbnN0ZWFkLCB1cG9uIG5vdGlmeWlu
ZyB0aGUgYWZmZWN0ZWQgcHJvZHVjdCB2ZW5kb3IsIDNDb20gcHJvdmlkZXMgaXRzDQpjdXN0b21l
cnMgd2l0aCB6ZXJvIGRheSBwcm90ZWN0aW9uIHRocm91Z2ggaXRzIGludHJ1c2lvbiBwcmV2ZW50
aW9uDQp0ZWNobm9sb2d5LiBFeHBsaWNpdCBkZXRhaWxzIHJlZ2FyZGluZyB0aGUgc3BlY2lmaWNz
IG9mIHRoZQ0KdnVsbmVyYWJpbGl0eSBhcmUgbm90IGV4cG9zZWQgdG8gYW55IHBhcnRpZXMgdW50
aWwgYW4gb2ZmaWNpYWwgdmVuZG9yDQpwYXRjaCBpcyBwdWJsaWNseSBhdmFpbGFibGUuIEZ1cnRo
ZXJtb3JlLCB3aXRoIHRoZSBhbHRydWlzdGljIGFpbSBvZg0KaGVscGluZyB0byBzZWN1cmUgYSBi
cm9hZGVyIHVzZXIgYmFzZSwgM0NvbSBwcm92aWRlcyB0aGlzIHZ1bG5lcmFiaWxpdHkNCmluZm9y
bWF0aW9uIGNvbmZpZGVudGlhbGx5IHRvIHNlY3VyaXR5IHZlbmRvcnMgKGluY2x1ZGluZyBjb21w
ZXRpdG9ycykNCndobyBoYXZlIGEgdnVsbmVyYWJpbGl0eSBwcm90ZWN0aW9uIG9yIG1pdGlnYXRp
b24gcHJvZHVjdC4NCg0KDQpDT05GSURFTlRJQUxJVFkgTk9USUNFOiBUaGlzIGUtbWFpbCBtZXNz
YWdlLCBpbmNsdWRpbmcgYW55IGF0dGFjaG1lbnRzLAppcyBiZWluZyBzZW50IGJ5IDNDb20gZm9y
IHRoZSBzb2xlIHVzZSBvZiB0aGUgaW50ZW5kZWQgcmVjaXBpZW50KHMpIGFuZAptYXkgY29udGFp
biBjb25maWRlbnRpYWwsIHByb3ByaWV0YXJ5IGFuZC9vciBwcml2aWxlZ2VkIGluZm9ybWF0aW9u
LgpBbnkgdW5hdXRob3JpemVkIHJldmlldywgdXNlLCBkaXNjbG9zdXJlIGFuZC9vciBkaXN0cmli
dXRpb24gYnkgYW55IApyZWNpcGllbnQgaXMgcHJvaGliaXRlZC4gIElmIHlvdSBhcmUgbm90IHRo
ZSBpbnRlbmRlZCByZWNpcGllbnQsIHBsZWFzZQpkZWxldGUgYW5kL29yIGRlc3Ryb3kgYWxsIGNv
cGllcyBvZiB0aGlzIG1lc3NhZ2UgcmVnYXJkbGVzcyBvZiBmb3JtIGFuZAphbnkgaW5jbHVkZWQg
YXR0YWNobWVudHMgYW5kIG5vdGlmeSAzQ29tIGltbWVkaWF0ZWx5IGJ5IGNvbnRhY3RpbmcgdGhl
CnNlbmRlciB2aWEgcmVwbHkgZS1tYWlsIG9yIGZvcndhcmRpbmcgdG8gM0NvbSBhdCBwb3N0bWFz
dGVyQDNjb20uY29tLiAK

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH