CVE-2009-0311

Published: Jan 27, 2009Modified: Apr 23, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

The Backbone service (ftbackbone.exe) in EMC AutoStart before 5.3 SP2 allows remote attackers to execute arbitrary code via a packet with a crafted value that is dereferenced as a function pointer.

Affected (2)

Products: Emc: Autostart

Emc

1 product

Autostart

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Emc Autostart	Up to 5.3
Emc Autostart	Version 5.3

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (14)

http://osvdb.org/51566

Source: cve@mitre.org

http://secunia.com/advisories/33667

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/archive/1/500350/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/33415

Source: cve@mitre.org

http://www.securitytracker.com/id?1021636

Source: cve@mitre.org

http://zerodayinitiative.com/advisories/ZDI-09-009/

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/48197

Source: cve@mitre.org

http://osvdb.org/51566