Improper handling of a specially crafted RAR archive file by the CA Anti-Virus engine arclib component leads to heap corruption and allows the attacker to cause a denial of service or possibly further compromise the system.
68c74583d8c2259e62743fb500c3ba5a7a8e32c2b91f70c32aba0e9279bc5cbd
CA's support is alerting customers to multiple security risks associated with CA Anti-Virus Engine. Vulnerabilities exist in the arclib component that can allow a remote attacker to cause a denial of service, or to cause heap corruption and potentially further compromise a system. CA has issued fixes to address the vulnerabilities.
1dc4058c8e774be29fddef6f172c726958c3daac8818e3613e4ed1638ebe3c6f