- Description
- Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service, or opnum (3) 0xCF in the Tape Engine service.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- nvd@nist.gov
- CWE-119
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A72E07D-2997-46CF-847F-899CB60FC771",
"versionEndIncluding": "11.5"
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14"
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "78AA54EA-DAF1-4635-AA1B-E2E49C4BB597"
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "328E1C42-488A-43FC-8DF2-758DC73B74AF"
}
],
"operator": "OR"
}
]
}
]