5
CVE-2008-4399
- EPSS 8.23%
- Veröffentlicht 14.10.2008 21:10:35
- Zuletzt bearbeitet 16.06.2026 22:57:44
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Broadcom ≫ Arcserve Backup Versionr12.0
Broadcom ≫ Business Protection Suite Versionr2
Broadcom ≫ Server Protection Suite Versionr2
Ca ≫ Arcserve Backup Versionr11.1
Ca ≫ Arcserve Backup Versionr11.5
Ca ≫ Business Protection Suite Versionr2 Editionmicrosoft_small_business_server_premium
Ca ≫ Business Protection Suite Versionr2 Editionmicrosoft_small_business_server_standard
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 8.23% | 0.942 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://secunia.com/advisories/32220
http://www.securityfocus.com/archive/1/497218
http://www.securityfocus.com/bid/31684
http://www.securitytracker.com/id?1021032
http://www.vupen.com/english/advisories/2008/2777
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143
https://exchange.xforce.ibmcloud.com/vulnerabilities/45776