PT-2009-5869 · Ca · Ca Anti-Virus

Published: 2009-10-13 · Updated: 2024-05-17 · CVE-2009-3587

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

CA Anti-Virus for the Enterprise versions 7.1 through r8.1
CA Anti-Virus 2007 through 2009
CA eTrust EZ Antivirus version r7.1
CA Internet Security Suite 2007 through Plus 2009

Description

The issue is related to a crafted RAR archive file that triggers heap corruption, potentially allowing remote attackers to cause a denial of service and possibly execute arbitrary code.

Recommendations

For CA Anti-Virus for the Enterprise versions 7.1 through r8.1, update to a version that is not affected by this issue.
For CA Anti-Virus 2007 through 2009, update to a version that is not affected by this issue.
For CA eTrust EZ Antivirus version r7.1, update to a version that is not affected by this issue.
For CA Internet Security Suite 2007 through Plus 2009, update to a version that is not affected by this issue.

As a temporary workaround, consider restricting the handling of RAR archive files to minimize the risk of exploitation.

Related Identifiers

CVE-2009-3587

Affected Products

Ca Anti-Virus
Ca Anti-Virus For The Enterprise
Ca Internet Security Suite
Ca Etrust Vet Antivirus