CVE-2008-2242

CWE-119 — Buffer Overflow3 documents3 sources

Severity

7.5HIGH

EPSS

12.1%

top 6.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom Brightstor Arcserve Backup CA Brightstor Arcserve Backup

Timeline

PublishedMay 21

Latest updateMay 1

Description

Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDca/brightstor_arcserve_backup11.0

▶NVDbroadcom/brightstor_arcserve_backup11.1, 11.5+1

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-mfqc-h8gp-97w2: Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11↗2022-05-01

▶

CVEList

CVE-2008-2242: Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11↗2008-05-21

▶