<<< Date Index >>>     <<< Thread Index >>>

RE: CAID 32896 - Computer Associates Vet Antivirus engine heap overflow vulnerability



Hello,

I have an update for the "Computer Associates Vet Antivirus engine 
heap overflow vulnerability" that was disclosed on 2005/05/23.  
'BrightStor ARCserve Backup (BAB) r11.1 Windows' does NOT use the Vet 
Antivirus engine in any part of the product.  Furthermore, none of the 
BrightStor ARCserve Backup products use the Vet Antivirus engine.  BAB 
is consequently NOT affected by the heap overflow vulnerability.

References:
CAID 32896 
OSVDB 16780
CVE CAN-2005-1693
BID 13710

Regards,
kw
                                                           
Ken Williams ; Vulnerability Research 
Computer Associates ; 0xE2941985
A9F9 44A6 B421 FF7D 4000 E6A9 7925 91DF E294 1985