CVE-2008-3175

CWE-1893 documents3 sources

Severity

10.0CRITICAL

EPSS

24.3%

top 3.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom Brightstor Arcserve Backup Broadcom Desktop Management Suite CA Arcserve Backup FOR Laptops AND Desktops +2 more

Timeline

PublishedAug 1

Latest updateMay 1

Description

Integer underflow in rxRPC.dll in the LGServer service in the server in CA ARCserve Backup for Laptops and Desktops 11.0 through 11.5 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted message that triggers a buffer overflow.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages5 packages

▶NVDca/arcserve_backup11.0, 11.1, 11.5+2

▶NVDca/brightstor_arcserve_backup11.0, 11.1+1

▶NVDbroadcom/brightstor_arcserve_backup11.1, 11.5+1

▶NVDca/protection_suites2, 3.0, 3.1+2

▶NVDbroadcom/desktop_management_suite11.1, 11.2+1

Patches

Patch: www.securityfocus.com ↗Patch: support.ca.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-95g3-39r5-4xw6: Integer underflow in rxRPC↗2022-05-01

▶

CVEList

CVE-2008-3175: Integer underflow in rxRPC↗2008-08-01

▶