CVE-2007-3825

3 documents3 sources

Severity

9.3CRITICAL

EPSS

28.0%

top 3.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom Brightstor Arcserve Backup Broadcom Brightstor Enterprise Backup CA Anti-virus FOR THE Enterprise +3 more

Timeline

PublishedJul 18

Latest updateMay 1

Description

Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages6 packages

▶NVDbroadcom/brightstor_enterprise_backup10.5

▶NVDca/brightstor_arcserve_backup11

▶NVDbroadcom/brightstor_arcserve_backup11.1, 11.5, 9.01+2

▶NVDca/threat_manager8

▶NVDca/protection_suitesr3

Patches

Patch: secunia.com ↗Patch: supportconnectw.ca.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-hqgm-p47x-vmfg: Multiple stack-based buffer overflows in the RPC implementation in alert↗2022-05-01

▶

CVEList

CVE-2007-3825: Multiple stack-based buffer overflows in the RPC implementation in alert↗2007-07-18

▶