CVE-2007-5331

Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:server_protection_suite:2:*:*:*:*:*:*:*
cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*
cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_premium:*:*:*:*:*
cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_standard:*:*:*:*:*

History

21 Nov 2024, 00:37

Type Values Removed Values Added
References () http://osvdb.org/41371 - () http://osvdb.org/41371 -
References () http://research.eeye.com/html/advisories/published/AD20071011.html - () http://research.eeye.com/html/advisories/published/AD20071011.html -
References () http://secunia.com/advisories/27192 - Vendor Advisory () http://secunia.com/advisories/27192 - Vendor Advisory
References () http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp - Patch () http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp - Patch
References () http://www.securityfocus.com/archive/1/482114/100/0/threaded - () http://www.securityfocus.com/archive/1/482114/100/0/threaded -
References () http://www.securityfocus.com/archive/1/482121/100/0/threaded - () http://www.securityfocus.com/archive/1/482121/100/0/threaded -
References () http://www.securityfocus.com/bid/24680 - () http://www.securityfocus.com/bid/24680 -
References () http://www.securitytracker.com/id?1018805 - () http://www.securitytracker.com/id?1018805 -
References () http://www.vupen.com/english/advisories/2007/3470 - Vendor Advisory () http://www.vupen.com/english/advisories/2007/3470 - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/37071 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/37071 -

Information

Published : 2007-10-13 00:17

Updated : 2024-11-21 00:37


NVD link : CVE-2007-5331

Mitre link : CVE-2007-5331

CVE.ORG link : CVE-2007-5331


JSON object : View

Products Affected

ca

  • brightstor_arcserve_backup
  • business_protection_suite

broadcom

  • brightstor_enterprise_backup
  • brightstor_arcserve_backup
  • server_protection_suite
  • business_protection_suite
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')