CVE-2007-3825

Summary

CVE	CVE-2007-3825
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2007-07-18 23:30:00 UTC
Updated	2021-04-07 18:20:00 UTC
Description	Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Broadcom	Alert Notification Server	All	All	All	All
Application	Broadcom	Brightstor Arcserve Backup	11.1	All	All	All
Application	Broadcom	Brightstor Arcserve Backup	11.5	All	All	All
Application	Broadcom	Brightstor Arcserve Backup	9.01	All	All	All
Application	Broadcom	Brightstor Enterprise Backup	10.5	All	All	All
Application	Ca	Alert Notification Server	All	All	All	All
Application	Ca	Alert Notification Server	All	All	All	All
Application	Ca	Anti-virus For The Enterprise	8	All	enterprise	All
Application	Ca	Anti-virus For The Enterprise	8	All	enterprise	All
Application	Ca	Brightstor Arcserve Backup	11	All	windows	All
Application	Ca	Brightstor Arcserve Backup	11.1	All	All	All
Application	Ca	Brightstor Arcserve Backup	11.5	All	All	All
Application	Ca	Brightstor Arcserve Backup	9.01	All	All	All
Application	Ca	Brightstor Arcserve Backup	11	All	windows	All
Application	Ca	Brightstor Arcserve Backup	11.1	All	All	All
Application	Ca	Brightstor Arcserve Backup	11.5	All	All	All
Application	Ca	Brightstor Arcserve Backup	9.01	All	All	All
Application	Ca	Brightstor Arcserve Client	All	All	windows	All
Application	Ca	Brightstor Arcserve Client	All	All	windows	All
Application	Ca	Brightstor Enterprise Backup	10.5	All	All	All
Application	Ca	Brightstor Enterprise Backup	10.5	All	All	All
Application	Ca	Protection Suites	r3	All	All	All
Application	Ca	Protection Suites	r3	All	All	All
Application	Ca	Threat Manager	8	All	enterprise	All
Application	Ca	Threat Manager	8	All	enterprise	All

References

Reference	Source	Link	Tags
Computer Associates Alert Notification Server Multiple Buffer Overflow Vulnerabilities	BID	www.securityfocus.com
CA Server Protection Suite Stack Overflows in Alert Notification Service Let Remote Users Execute Arbitrary Code - SecurityTracker	SECTRACK	www.securitytracker.com
supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-secnotice.asp	CONFIRM	supportconnectw.ca.com	Patch
BrightStor Enterprise Backup Stack Overflows in Alert Notification Service Let Remote Users Execute Arbitrary Code - SecurityTracker	SECTRACK	www.securitytracker.com
BrightStor ARCserve Stack Overflows in Alert Notification Service Let Remote Users Execute Arbitrary Code - SecurityTracker	SECTRACK	www.securitytracker.com
CA Products Alert Notification Server Multiple Buffer Overflows - Advisories - Secunia	SECUNIA	secunia.com	Patch, Vendor Advisory
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	VUPEN	www.vupen.com
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
CA Business Protection Suite Stack Overflows in Alert Notification Service Let Remote Users Execute Arbitrary Code - SecurityTracker	SECTRACK	www.securitytracker.com
CA Threat Manager Stack Overflows in Alert Notification Service Let Remote Users Execute Arbitrary Code - SecurityTracker	SECTRACK	www.securitytracker.com
20070717 Computer Associates Alert Notification Server Multiple Buffer Overflow Vulnerabilities	IDEFENSE	labs.idefense.com	Vendor Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.