CVE-2009-0042

Severity: Unknown | EPSS: 4.27%

Last modified

CVE-2009-0042 is a vulnerability of currently unknown severity. Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file. EPSS estimates a 4.27% chance of exploitation in the next 30 days.

Description

Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file.

Metrics

EPSS Probability
4.27%

89.8th percentile

Probability of exploitation in the next 30 days.

Affected Software

| Vendor | Product | Versions | Update |
|---|---|---|---|
| Broadcom | Anti-Spyware | 2007 | |
| Broadcom | Anti-Spyware | 2008 | |
| Broadcom | Anti-Spyware For The Enterprise | 8.1 | |
| Broadcom | Anti-Spyware For The Enterprise | r8 | |
| Broadcom | Anti-Virus | 2007 | 8 |
| Broadcom | Anti-Virus | 2008 | |
| Broadcom | Anti-Virus For The Enterprise | 7.1 | |
| Broadcom | Anti-Virus For The Enterprise | 8.1 | |
| Broadcom | Anti-Virus For The Enterprise | r8 | |
| Broadcom | Anti-Virus Sdk | All versions | |
| Broadcom | Antivirus Gateway | 7.1 | |
| Broadcom | Arcserve Client Agent | All versions | |
| Broadcom | Common Services | 11 | |
| Broadcom | Common Services | 11.1 | |
| Broadcom | Etrust Ez Antivirus | r6.1 | |
| Broadcom | Etrust Ez Antivirus | r7 | |
| Broadcom | Etrust Intrusion Detection | 3.0 | |
| Broadcom | Etrust Intrusion Detection | 4.0 | |
| Broadcom | Network And Systems Management | r3.0 | |
| Broadcom | Network And Systems Management | r3.1 | |
| Broadcom | Network And Systems Management | r11 | |
| Broadcom | Network And Systems Management | r11.1 | |
| Broadcom | Secure Content Manager | 8.0 | |
| Broadcom | Secure Content Manager | 8.1 | |
| Ca | Arcserve Backup | r11.1 Nil | |
| Ca | Arcserve Backup | r11.5_nil_Linux | |
| Ca | Arcserve Backup | r12.0_nil_Windows | |
| Ca | Etrust Intrusion Detection | 2.0 | Sp1 |
| Ca | Etrust Intrusion Detection | 3.0 | Sp1 |
| Ca | Internet Security Suite 2007 | 3 | |
| Ca | Internet Security Suite 2008 | All versions | |
| Ca | Internet Security Suite Plus 2008 | All versions | |
| Ca | Protection Suites | r2 | |
| Ca | Protection Suites | r3 | |
| Ca | Protection Suites | r3.1 | |
| Ca | Threat Manager For The Enterprise | 8.1 | |
| Ca | Threat Manager For The Enterprise | r8 | |

References

Timeline

Published
Last Modified
Status: Modified

Frequently Asked Questions

What is CVE-2009-0042?
Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file.
How severe is CVE-2009-0042?
Severity scoring for CVE-2009-0042 is pending analysis. The EPSS model estimates a 4.27% probability of exploitation in the next 30 days.
How do I fix CVE-2009-0042?
Check the vendor references and advisories linked above for patched versions and mitigation guidance.

Source: NVD / NIST