10

CVE-2006-5172

Exploit

EPSS 23.46%
Published 16.01.2007 20:28:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the "Mediasvr.exe String Handling Overflow," a different vulnerability than CVE-2006-5171.

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

Broadcom ≫ Brightstor Arcserve Backup Version <= 11.5

Broadcom ≫ Brightstor Arcserve Backup Version9.01

Broadcom ≫ Brightstor Enterprise Backup Version10.5

Ca ≫ Protection Suites Versionr2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	23.46%	0.958

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://www.securityfocus.com/archive/1/456711

http://secunia.com/advisories/23648

http://securitytracker.com/id?1017506

http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp

Exploit

http://www.vupen.com/english/advisories/2007/0154

http://osvdb.org/31320

http://www.iss.net/threats/253.html

http://www.securityfocus.com/bid/22016

https://exchange.xforce.ibmcloud.com/vulnerabilities/29344

https://nvd.nist.gov/vuln/detail/CVE-2006-5172

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-5172

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-5172

EUVD