CVE-2013-4575

Published: Aug 5, 2013Modified: Apr 29, 2026

7.9

Vector

AV:A/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 5.5 / Impact: 10.0

Source: NVD

Description

Heap-based buffer overflow in the utility program in the Linux agent in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote attackers to cause a denial of service (agent crash) or possibly execute arbitrary code via unspecified vectors.

Affected (3)

Products: Symantec: Backup Exec

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Symantec Backup Exec	Version 2010
Symantec Backup Exec	Version 2010 r3
Symantec Backup Exec	Version 2012

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (6)

http://osvdb.org/95938

Source: secure@symantec.com

http://www.securityfocus.com/bid/61485

Source: secure@symantec.com

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130801_00

Source: secure@symantec.com

http://osvdb.org/95938

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/61485

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130801_00

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.