CVE-2007-5326

Published: Oct 13, 2007Modified: Apr 23, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.

Affected (9)

Products: Broadcom: Brightstor Arcserve Backup, Brightstor Enterprise Backup, Business Protection Suite, Server Protection Suite · Ca: Brightstor Arcserve Backup, Business Protection Suite

4 products

Brightstor Arcserve Backup

Brightstor Enterprise Backup

Business Protection Suite

Server Protection Suite

2 products

Brightstor Arcserve Backup

Business Protection Suite

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Broadcom Brightstor Arcserve Backup	Version 11.1
Broadcom Brightstor Arcserve Backup	Version 11.5
Broadcom Brightstor Arcserve Backup	Version 9.01
Broadcom Brightstor Enterprise Backup	Version 10.5
Broadcom Business Protection Suite	Version 2.0
Broadcom Server Protection Suite	Version 2
Ca Brightstor Arcserve Backup	Version 11
Ca Business Protection Suite	Version 2.0
Ca Business Protection Suite	Version 2.0

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (16)

http://osvdb.org/41368

Source: cve@mitre.org

http://secunia.com/advisories/27192

Source: cve@mitre.org

http://secunia.com/secunia_research/2007-49/advisory/

Source: cve@mitre.org

PatchVendor Advisory

http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp

Source: cve@mitre.org

Patch

http://www.securityfocus.com/archive/1/482121/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/26015

Source: cve@mitre.org

http://www.securitytracker.com/id?1018805

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/3470

Source: cve@mitre.org

http://osvdb.org/41368

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/27192

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/secunia_research/2007-49/advisory/

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.securityfocus.com/archive/1/482121/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/26015

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1018805

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/3470

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.