medium
4.3
CWE
NVD-CWE-Other
Advisory Published
Updated

CVE-2007-3875

First published: Thu Jul 26 2007(Updated: )

arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Broadcom Anti-Spyware for the Enterprise=2007
Broadcom Anti-Virus<=8
Broadcom Anti-Virus=7.0
Broadcom Anti-Virus=7.1
Broadcom Anti-Virus=8
Broadcom Anti-Virus=8.1
Broadcom Antivirus SDK
Broadcom Anti-Spyware for the Enterprise=8
Broadcom Anti-Spyware for the Enterprise=8.1
Broadcom Anti-Virus SDK
Broadcom ARCserve Backup=9.01
Broadcom ARCserve Backup=11.1
Broadcom ARCserve Backup=11.5
CA BrightStor ARCserve Backup
Broadcom BrightStor Enterprise Backup=10.5
Broadcom BrightStor ARCserve Client
CA Common Services=11
CA Common Services=11.1
Broadcom eTrust Antivirus=8
CA eTrust Anti-Virus Gateway=7.1
Broadcom eTrust EZ Antivirus=6.1
Broadcom eTrust EZ Antivirus=7
Broadcom eTrust EZ Armor=1
Broadcom eTrust EZ Armor=2
Broadcom eTrust EZ Armor=3
Broadcom Internet Security Suite=1
Broadcom Internet Security Suite=2
Broadcom eTrust Intrusion Detection=2.0
Broadcom eTrust Intrusion Detection=3.0
Broadcom Internet Security Suite=3.0
Broadcom Secure Content Manager=1.1
Broadcom Secure Content Manager=8.0
Broadcom CA Threat Manager=8
CA Network and Systems Management=3.0
CA Network and Systems Management=3.1
CA Network and Systems Management=11
CA Network and Systems Management=11.1
CA ARCserve Backup for Laptops and Desktops=11
Broadcom eTrust Intrusion Detection=3.0-sp1
CA Protection Suites=r2
CA Protection Suites=r3

Remedy

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567

Remedy

http://secunia.com/advisories/26155

Remedy

http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp

Remedy

http://www.securityfocus.com/bid/25049

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2007-3875?

    CVE-2007-3875 is classified as a denial of service vulnerability that can significantly disrupt antivirus functionality.

  • How do I fix CVE-2007-3875?

    To mitigate CVE-2007-3875, update the affected CA Anti-Virus products to versions 7.3.0.9 or later.

  • Which products are affected by CVE-2007-3875?

    CVE-2007-3875 affects CA Anti-Virus products prior to version 7.3.0.9 including various versions of eTrust Antivirus and Anti-Spyware.

  • What type of attack does CVE-2007-3875 involve?

    CVE-2007-3875 involves an attack that leads to an infinite loop within the antivirus software when processing an invalid CHM file.

  • Is CVE-2007-3875 exploitability easy?

    CVE-2007-3875 can be exploited remotely, making it a relatively easy target for attackers if the antivirus software is not updated.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203