7.1

CVE-2007-1785

The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 SP2 build 4237 allows remote attackers to execute arbitrary code via crafted xdr_handle_t data in RPC packets, which is used in calculating an address for a function call, as demonstrated using the 191 (0xbf) RPC request.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
BroadcomBrightstor Arcserve Backup Version11.5 Updatesp1
BroadcomBrightstor Arcserve Backup Version11.5 Updatesp2
CaBrightstor Arcserve Backup Version11 Editionwindows
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 15.35% 0.964
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 3.9 10
AV:N/AC:H/Au:S/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0467.html
http://secunia.com/advisories/24682
Vendor Advisory
http://securityreason.com/securityalert/2509
http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp
http://www.kb.cert.org/vuls/id/151305
US Government Resource
http://www.securityfocus.com/archive/1/464270/100/0/threaded
http://www.securityfocus.com/archive/1/464343/100/0/threaded
http://www.securityfocus.com/bid/23209
http://www.securitytracker.com/id?1017830
http://www.shirkdog.us/camediasvrremote.py
http://www.shirkdog.us/shk-004.html
http://www.vupen.com/english/advisories/2007/1161
https://exchange.xforce.ibmcloud.com/vulnerabilities/33316