Lucene search

MitreCVE-2007-5325

HistoryOct 13, 2007 - 12:17 a.m.

CVE-2007-5325

2007-10-1300:17:00

CWE-119

mitre

web.nvd.nist.gov

cve-2007-5325

buffer overflow

ca brightstor arcserve backup

security vulnerability

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.277

Percentile

96.8%

JSON

Multiple buffer overflows in (1) the Message Engine and (2) AScore.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.

Affected configurations

Nvd

Node

broadcombrightstor_arcserve_backupMatch9.01

broadcombrightstor_arcserve_backupMatch10.5

broadcombrightstor_arcserve_backupMatch11

broadcombrightstor_arcserve_backupMatch11.1

broadcombrightstor_arcserve_backupMatch11.5

broadcombrightstor_enterprise_backupMatch10.5

VendorProductVersionCPE
broadcombrightstor_arcserve_backup9.01cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup10.5cpe:2.3:a:broadcom:brightstor_arcserve_backup:10.5:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup11cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup11.1cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup11.5cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
broadcombrightstor_enterprise_backup10.5cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
broadcom	brightstor_arcserve_backup	9.01	cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:::::::*
broadcom	brightstor_arcserve_backup	10.5	cpe:2.3:a:broadcom:brightstor_arcserve_backup:10.5:::::::*
broadcom	brightstor_arcserve_backup	11	cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:::::::*
broadcom	brightstor_arcserve_backup	11.1	cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:::::::*
broadcom	brightstor_arcserve_backup	11.5	cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:::::::*
broadcom	brightstor_enterprise_backup	10.5	cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:::::::*

References

secunia.com/advisories/27192

supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp

www.securityfocus.com/archive/1/482121/100/0/threaded

www.securityfocus.com/bid/26015

www.securitytracker.com/id?1018805

www.vupen.com/english/advisories/2007/3470

exchange.xforce.ibmcloud.com/vulnerabilities/37063

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.277

Percentile

96.8%

JSON

Related for CVE-2007-5325