Symantec Backup Exec for Windows Servers is a backup and recovery solution for Windows servers.
An ActiveX buffer overflow vulnerability in
**pvcalendar.ocx** in the scheduler component of Symantec Backup Exec for Windows Servers allows command execution when a user loads a web page which calls the
**Save** method with a long
Apply the hotfix.
Exploit works on Symantec Backup Exec for Windows Server 11d Build 11.0.7170 and requires a user who has installed the vulnerable ActiveX control to load the exploit page into Internet Explorer.