CVE-2013-4575

Published Aug 5, 2013

Last updated 11 years ago

Overview

Description: Heap-based buffer overflow in the utility program in the Linux agent in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote attackers to cause a denial of service (agent crash) or possibly execute arbitrary code via unspecified vectors.
Source: secure@symantec.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.9
Impact score: 10
Exploitability score: 5.5
Vector string: AV:A/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:symantec:backup_exec:2010:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "006EB76F-8F6B-4D19-81AB-B9133CBC1F47"
          },
          {
            "criteria": "cpe:2.3:a:symantec:backup_exec:2010:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57941324-A2B2-4635-A3E2-2FA6033032FB"
          },
          {
            "criteria": "cpe:2.3:a:symantec:backup_exec:2012:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "632557AF-509E-4FF8-B0CC-A44ABC56645B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References