----------------------------------------------------------------------

Do you have VARM strategy implemented?

(Vulnerability Assessment Remediation Management)  

If not, then implement it through the most reliable vulnerability
intelligence source on the market. 

Implement it through Secunia. 

For more information visit:
http://secunia.com/advisories/business_solutions/

Alternatively request a call from a Secunia representative today to
discuss how we can help you with our capabilities contact us at:
sales@secunia.com

----------------------------------------------------------------------

TITLE:
CA Anti-Virus Engine RAR Processing Two Vulnerabilities

SECUNIA ADVISORY ID:
SA36976

VERIFY ADVISORY:
http://secunia.com/advisories/36976/

DESCRIPTION:
Two vulnerabilities have been reported in multiple CA products, which
can be exploited by malicious people to cause a DoS (Denial of
Service) or to potentially compromise a vulnerable system.

1) An error in the arclib component of the CA Anti-Virus engine can
be exploited to corrupt heap memory via a specially crafted RAR
archive.

Successful exploitation may allow execution of arbitrary code.

2) An error in the arclib component of the CA Anti-Virus engine can
be exploited to corrupt stack memory via a specially crafted RAR
archive and cause a crash.

The vulnerabilities are reported in the following products and
versions:
* CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1,
r8, and r8.1
* CA Anti-Virus 2007 (v8), 2008, and 2009
* CA Anti-Virus Plus 2009
* eTrust EZ Antivirus r7.1
* CA Internet Security Suite 2007 (v3) and 2008
* CA Internet Security Suite Plus 2008 and 2009
* CA Threat Manager for the Enterprise (formerly eTrust Integrated
Threat Management) r8 and 8.1
* CA Threat Manager Total Defense
* CA Gateway Security r8.1
* CA Protection Suites r2, r3, and r3.1
* CA Secure Content Manager (formerly eTrust Secure Content Manager)
1.1 and 8.0
* CA Network and Systems Management (NSM) (formerly Unicenter Network
and Systems Management) r3.0, r3.1, r11, and r11.1
* CA ARCserve Backup r11.5 on Windows, r12 on Windows, r12.0 SP1 on
Windows, r12.0 SP 2 on Windows, r12.5 on Windows, r11.1 Linux, and
r11.5 Linux
* CA ARCserve for Windows Client Agent
* CA ARCserve for Windows Server component
* CA eTrust Intrusion Detection 2.0 SP1, 3.0, and 3.0 SP1
* CA Common Services (CCS) r3.1, r11, and r11.1
* CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)
* CA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1

SOLUTION:
The vulnerability is fixed in arclib.dll version 8.1.4.0, released
via automatic updates.

Please see the vendor's advisory for detailed instructions on
applying patches.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Thierry Zoller.

ORIGINAL ADVISORY:
CA20091008-01:
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------