CVE-2007-5327

CA BrightStor ARCServe Backup 9.01-R11.5 & Enterprise Backup r10.5 - Remote Code Execution via RPC

Title source: llm
STIX 2.1

Description

Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum.

References (12)

Core 12
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/37064
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/37065
Various Sources x_refsource_misc
http://ruder.cdut.net/blogview.asp?logID=231
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27192
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3218
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/482112/100/0/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/482121/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/26015
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1018805
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3470

Scores

EPSS 0.3212
EPSS Percentile 96.9%

Details

CWE
CWE-119
Status published
Products (6)
broadcom/brightstor_arcserve_backup 9.01
broadcom/brightstor_arcserve_backup 10.5
broadcom/brightstor_arcserve_backup 11
broadcom/brightstor_arcserve_backup 11.1
broadcom/brightstor_arcserve_backup 11.5
broadcom/brightstor_enterprise_backup 10.5
Published Oct 13, 2007
Tracked Since Feb 18, 2026