CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
95.1%
Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures.
Vendor | Product | Version | CPE |
---|---|---|---|
broadcom | alert_notification_server | * | cpe:2.3:a:broadcom:alert_notification_server:*:*:*:*:*:*:*:* |
broadcom | brightstor_arcserve_backup | 9.01 | cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:* |
broadcom | brightstor_arcserve_backup | 11.1 | cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:* |
broadcom | brightstor_arcserve_backup | 11.5 | cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:* |
broadcom | brightstor_enterprise_backup | 10.5 | cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:* |
ca | anti-virus_for_the_enterprise | 8 | cpe:2.3:a:ca:anti-virus_for_the_enterprise:8:*:enterprise:*:*:*:*:* |
ca | brightstor_arcserve_backup | 11 | cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:* |
ca | brightstor_arcserve_client | * | cpe:2.3:a:ca:brightstor_arcserve_client:*:*:windows:*:*:*:*:* |
ca | protection_suites | r3 | cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:* |
ca | threat_manager | 8 | cpe:2.3:a:ca:threat_manager:8:*:enterprise:*:*:*:*:* |
labs.idefense.com/intelligence/vulnerabilities/display.php?id=561
secunia.com/advisories/26088
supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-secnotice.asp
www.securityfocus.com/bid/24947
www.securitytracker.com/id?1018402
www.securitytracker.com/id?1018403
www.securitytracker.com/id?1018404
www.securitytracker.com/id?1018405
www.securitytracker.com/id?1018406
www.vupen.com/english/advisories/2007/2559
exchange.xforce.ibmcloud.com/vulnerabilities/35467