CVE-2007-0673

CWE-119Buffer Overflow4 documents4 sources
Severity
7.8HIGH
EPSS
1.6%
top 18.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Broadcom Brightstor Arcserve Backup Laptops DesktopsBroadcom Business Protection SuiteBroadcom Desktop Management Suite+2 more
Timeline
PublishedFeb 3
Latest updateMay 1

Description

LGSERVER.EXE in BrightStor ARCserve Backup for Laptops & Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages5 packages

Patches

Patch: supportconnectw.ca.comPatch: www.securityfocus.comPatch: supportconnectw.ca.com

🔴Vulnerability Details

2
GHSA
GHSA-w537-fp8v-wrj7: LGSERVER2022-05-01
CVEList
CVE-2007-0673: LGSERVER2007-02-03

💬Community

1
Bugzilla
CVE-2007-1217 Kernel: CAPI overflow2007-11-28
CVE-2007-0673 (HIGH CVSS 7.8) | LGSERVER.EXE in BrightStor ARCserve | cvebase.io