Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-5082

CWE-119 — Buffer Overflow5 documents4 sources

Severity

10.0CRITICAL

EPSS

70.5%

top 1.31%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Broadcom Brightstor Hierarchical Storage Manager

Timeline

PublishedOct 1

Latest updateMay 1

Description

Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing validation of a length parameter.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDbroadcom/brightstor_hierarchical_storage_manager11.5

Patches

Patch: secunia.com ↗Patch: supportconnectw.ca.com ↗Patch: www.ca.com ↗

🔴Vulnerability Details

GHSA

GHSA-642r-w5cm-5w9c: Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11↗2022-05-01

▶

CVEList

CVE-2007-5082: Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11↗2007-10-01

▶

💥Exploits & PoCs

Exploit-DB

CA BrightStor - HSM Buffer Overflow (Metasploit)↗2010-05-09

▶

Exploit-DB

CA BrightStor HSM r11.5 - Remote Stack Overflow / Denial of Service↗2007-10-27

▶