From The Register:
CA has updated its anti-virus software to guard against a brace of flaws that created a means for hackers to turn the security protection software against its users.
Both bugs involved problems in processing malformed CAB archives. Successful exploitation of the vulnerabilities potentially allows execution of arbitrary code (malware) or system crashes thanks to that perennial hacker favourite, buffer overflow flaws.
The vulnerabilities affect CA Anti-Virus and eTrust security packages, enterprise versions of these products, as well as systems management and backup suites that bundle the security software. CA has published an update (30.6, if you must know) designed to address the flaws, which were reported by security researchers via 3Com Tipping Point’s Zero Day Initiative (advisories here and here).
CA’s advisory can be found here.
Read on.
Tags: CA Antivirus Vulnerabilities, CA Antivirus, Vulnerability
