CVE-2007-2523: Buffer Overflow
First published: Fri May 11 2007(Updated: )
CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before 20070510 use weak permissions (NULL security descriptor) for the Task Service shared file mapping, which allows local users to modify this mapping and gain privileges by triggering a stack-based buffer overflow in InoCore.dll before 8.0.448.0.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Broadcom Anti-Virus for the Enterprise | =8 | |
| Broadcom eTrust Integrated Threat Management | =8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=530
- http://supportconnectw.ca.com/public/antivirus/infodocs/caav-secnotice050807.asp
- http://www.securityfocus.com/bid/23906
- http://blog.48bits.com/?p=103
- http://www.kb.cert.org/vuls/id/788416
- http://www.securitytracker.com/id?1018043
- http://secunia.com/advisories/25202
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063275.html
- http://www.osvdb.org/34586
- http://www.vupen.com/english/advisories/2007/1750
- http://www.securityfocus.com/archive/1/468306/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2007-2523?
CVE-2007-2523 is considered a high severity vulnerability due to the potential for privilege escalation and exploitation through a stack-based buffer overflow.
How do I fix CVE-2007-2523?
To fix CVE-2007-2523, it is recommended to update to the latest version of CA Anti-Virus for the Enterprise and Threat Manager, specifically versions released after May 10, 2007.
What systems are affected by CVE-2007-2523?
CVE-2007-2523 affects CA Anti-Virus for the Enterprise version 8 and Broadcom eTrust Integrated Threat Management version 8.0.
What is the nature of the vulnerability in CVE-2007-2523?
The nature of CVE-2007-2523 involves weak file permissions leading to local users being able to modify shared file mappings and trigger potential buffer overflows.
Who is impacted by CVE-2007-2523?
Local users with access to the affected systems may be impacted by CVE-2007-2523 as they could exploit the vulnerability to gain elevated privileges.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/severity
- agent/author
- agent/remedy
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ca
- canonical/broadcom anti-virus for the enterprise
- version/broadcom anti-virus for the enterprise/8
- vendor/broadcom
- canonical/broadcom etrust integrated threat management
- version/broadcom etrust integrated threat management/8.0