CVE-2007-3825
Summary
| CVE | CVE-2007-3825 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-07-18 23:30:00 UTC |
| Updated | 2026-04-23 00:35:47 UTC |
| Description | Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures. |
Risk And Classification
Primary CVSS: v2.0 9.3 from [email protected]
AV:N/AC:M/Au:N/C:C/I:C/A:C
Problem Types: NVD-CWE-Other | n/a
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
MediumAuthentication
NoneConfidentiality
CompleteIntegrity
CompleteAvailability
CompleteAV:N/AC:M/Au:N/C:C/I:C/A:C
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Broadcom | Alert Notification Server | All | All | All | All |
| Application | Broadcom | Brightstor Arcserve Backup | 11.1 | All | All | All |
| Application | Broadcom | Brightstor Arcserve Backup | 11.5 | All | All | All |
| Application | Broadcom | Brightstor Arcserve Backup | 9.01 | All | All | All |
| Application | Broadcom | Brightstor Enterprise Backup | 10.5 | All | All | All |
| Application | Ca | Anti-virus For The Enterprise | 8 | All | enterprise | All |
| Application | Ca | Brightstor Arcserve Backup | 11 | All | windows | All |
| Application | Ca | Brightstor Arcserve Client | All | All | windows | All |
| Application | Ca | Protection Suites | r3 | All | All | All |
| Application | Ca | Threat Manager | 8 | All | enterprise | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CA Server Protection Suite Stack Overflows in Alert Notification Service Let Remote Users Execute Arbitrary Code - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | |
| BrightStor ARCserve Stack Overflows in Alert Notification Service Let Remote Users Execute Arbitrary Code - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | |
| supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-secnotice.asp | af854a3a-2127-422b-91ae-364da2661108 | supportconnectw.ca.com | Patch |
| CA Threat Manager Stack Overflows in Alert Notification Service Let Remote Users Execute Arbitrary Code - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | |
| Computer Associates Alert Notification Server Multiple Buffer Overflow Vulnerabilities | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| BrightStor Enterprise Backup Stack Overflows in Alert Notification Service Let Remote Users Execute Arbitrary Code - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | |
| labs.idefense.com/intelligence/vulnerabilities/display.php | af854a3a-2127-422b-91ae-364da2661108 | labs.idefense.com | Vendor Advisory |
| CA Business Protection Suite Stack Overflows in Alert Notification Service Let Remote Users Execute Arbitrary Code - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | |
| CA Products Alert Notification Server Multiple Buffer Overflows - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Patch, Vendor Advisory |
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.