CVE-2007-5005
published 2007-10-01CVE-2007-5005: Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows…
PriorityP344critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
5.24%
91.5th percentile
Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\ (dot dot backslash) sequence in the destination filename argument to sub-function 8 in the rxrReceiveFileFromServer command.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| broadcom | brightstor_arcserve_backup_laptops_desktops | — | — |
| broadcom | brightstor_arcserve_backup_laptops_desktops | — | — |
| broadcom | brightstor_arcserve_backup_laptops_desktops | — | — |
| broadcom | brightstor_arcserve_backup_laptops_desktops | — | — |
| broadcom | desktop_management_suite | — | — |
| broadcom | desktop_management_suite | — | — |
| broadcom | desktop_management_suite | — | — |
| ca | protection_suites | — | — |
| msrc | microsoft_edge | — | — |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_msrc8.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-vx68-whc5-qv39: Directory traversal vulnerability in rxRPC
ghsa_unreviewed·2022-05-01
CVE-2007-5005 [HIGH] CWE-22 GHSA-vx68-whc5-qv39: Directory traversal vulnerability in rxRPC
Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\ (dot dot backslash) sequence in the destination filename argument to sub-function 8 in the rxrReceiveFileFromServer command.
Microsoft
Chromium: CVE-2022-2007 Use after free in WebGPU
vendor_msrc·2022-06-14·CVSS 8.8
CVE-2022-2007 [HIGH] Chromium: CVE-2022-2007 Use after free in WebGPU
Chromium: CVE-2022-2007 Use after free in WebGPU
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
102.0.1245.41
6/13/2022
102.0.5005.115
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In yo
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://research.eeye.com/html/advisories/published/AD20070920.htmlhttp://secunia.com/advisories/25606http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asphttp://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35676http://www.securityfocus.com/archive/1/480252/100/100/threadedhttp://www.securityfocus.com/bid/24348http://www.securitytracker.com/id?1018728http://research.eeye.com/html/advisories/published/AD20070920.htmlhttp://secunia.com/advisories/25606http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asphttp://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35676http://www.securityfocus.com/archive/1/480252/100/100/threadedhttp://www.securityfocus.com/bid/24348http://www.securitytracker.com/id?1018728
2007-10-01
Published