PT-2007-3843 · Ca · Inocore.Dll+2

Published

2007-05-11

Updated

2021-04-09

CVE-2007-2523

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before 20070510 CA Anti-Virus for the Enterprise version prior to 8.0.448.0

Description The issue is related to weak permissions for the Task Service shared file mapping, which can be modified by local users. This can lead to a stack-based buffer overflow in InoCore.dll, allowing local users to gain privileges.

Recommendations For CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before 20070510, update to a version released after 20070510 to resolve the issue. For CA Anti-Virus for the Enterprise version prior to 8.0.448.0, update to version 8.0.448.0 or later to fix the problem.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-2523

Affected Products

Ca Anti-Virus For The Enterprise

Inocore.Dll

Threat Manager

PT-2007-3843 · Ca · Inocore.Dll+2

CVE-2007-2523

Related Identifiers

Affected Products

References · 13