CVE-2007-2864

CVE Database · CVE-2007-2864

CVE-2007-2864

· N/AModified

CVSS v3.1

N/A

EPSS

49.65%

Published

Jun 6, 2007

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

Exploit-DBCA AntiVirus Engine - CAB Buffer Overflow (Metasploit)

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.

Affected Products (33)

broadcom · anti-virus_for_the_enterprisevulnerable

broadcom · brightstor_arcserve_backupvulnerable

broadcom · common_servicesvulnerable

broadcom · common_services

References (20)

http://secunia.com/advisories/25570

PatchVendor Advisory

http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp

http://www.kb.cert.org/vuls/id/105105

US Government Resource

http://www.osvdb.org/35245

http://www.securityfocus.com/archive/1/470602/100/0/threaded

http://www.securityfocus.com/archive/1/470754/100/0/threaded

http://www.securityfocus.com/bid/24330

Patch

http://www.securitytracker.com/id?1018199

http://www.vupen.com/english/advisories/2007/2072

KEV Catalog EPSS Scores Vendors All CVEs