Detections
Analytics

CVE-2007-0169

critical

Description

Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service, or opnum (3) 0xCF in the Tape Engine service.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/31443

https://exchange.xforce.ibmcloud.com/vulnerabilities/31433

http://www.vupen.com/english/advisories/2007/0154

http://www.securityfocus.com/bid/22006

http://www.securityfocus.com/bid/22005

http://www.securityfocus.com/archive/1/456711

http://www.securityfocus.com/archive/1/456619/100/0/threaded

http://www.securityfocus.com/archive/1/456618/100/0/threaded

http://www.kb.cert.org/vuls/id/180336

http://www.kb.cert.org/vuls/id/151032

http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp

http://securitytracker.com/id?1017506

http://secunia.com/advisories/23648

http://osvdb.org/31327

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=467

Details

Source: Mitre, NVD

Published: 2007-01-11

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical