CVE-2007-5004

CWE-1893 documents3 sources

Severity

9.3CRITICAL

EPSS

13.0%

top 5.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom Brightstor Arcserve Backup Laptops Desktops Broadcom Desktop Management Suite CA Protection Suites

Timeline

PublishedOct 1

Latest updateMay 1

Description

Integer overflow in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to execute arbitrary code via a long username and a certain "useless" password.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

▶NVDbroadcom/brightstor_arcserve_backup_laptops_desktops4 versions+3

▶NVDca/protection_suitesr2

▶NVDbroadcom/desktop_management_suite11.0, 11.1, 11.2+2

Patches

Patch: secunia.com ↗Patch: supportconnectw.ca.com ↗Patch: www.ca.com ↗

🔴Vulnerability Details

GHSA

GHSA-mmjq-xf76-8m96: Integer overflow in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11↗2022-05-01

▶

CVEList

CVE-2007-5004: Integer overflow in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11↗2007-10-01

▶