CVE-2007-0169

2007-01-1122:28:00

CWE-119

mitre

web.nvd.nist.gov

cve

buffer overflow

computer associates

brightstor arcserve backup

security

vulnerability

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.952

Percentile

99.4%

JSON

Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service, or opnum (3) 0xCF in the Tape Engine service.

Affected configurations

Nvd

Node

broadcombrightstor_arcserve_backupRange≤11.5

broadcombrightstor_arcserve_backupMatch9.01

broadcombrightstor_enterprise_backupMatch10.5

broadcombusiness_protection_suiteMatch2.0

VendorProductVersionCPE
broadcombrightstor_arcserve_backup*cpe:2.3:a:broadcom:brightstor_arcserve_backup:*:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup9.01cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
broadcombrightstor_enterprise_backup10.5cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*
broadcombusiness_protection_suite2.0cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
broadcom	brightstor_arcserve_backup	*	cpe:2.3:a:broadcom:brightstor_arcserve_backup::::::::
broadcom	brightstor_arcserve_backup	9.01	cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:::::::*
broadcom	brightstor_enterprise_backup	10.5	cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:::::::*
broadcom	business_protection_suite	2.0	cpe:2.3:a:broadcom:business_protection_suite:2.0:::::::*