7.5
CVE-2007-0169
- EPSS 68.81%
- Veröffentlicht 11.01.2007 22:28:00
- Zuletzt bearbeitet 16.06.2026 22:35:03
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service, or opnum (3) 0xCF in the Tape Engine service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Broadcom ≫ Brightstor Arcserve Backup Version <= 11.5
Broadcom ≫ Brightstor Arcserve Backup Version9.01
Broadcom ≫ Brightstor Enterprise Backup Version10.5
Broadcom ≫ Business Protection Suite Version2.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 68.81% | 0.993 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://www.securityfocus.com/archive/1/456711
http://osvdb.org/31327
http://secunia.com/advisories/23648
http://securitytracker.com/id?1017506
http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp
http://www.vupen.com/english/advisories/2007/0154
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=467
http://www.kb.cert.org/vuls/id/151032
http://www.kb.cert.org/vuls/id/180336
http://www.securityfocus.com/archive/1/456618/100/0/threaded
http://www.securityfocus.com/archive/1/456619/100/0/threaded
http://www.securityfocus.com/bid/22005
http://www.securityfocus.com/bid/22006
http://www.zerodayinitiative.com/advisories/ZDI-07-003.html
http://www.zerodayinitiative.com/advisories/ZDI-07-004.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/31433
https://exchange.xforce.ibmcloud.com/vulnerabilities/31443