CVE-2007-5328
Summary
| CVE | CVE-2007-5328 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-10-13 00:17:00 UTC |
| Updated | 2021-04-07 18:20:00 UTC |
| Description | The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows attackers to execute arbitrary code by using certain "insecure method calls" to modify the file system and registry, aka "Privileged function exposure." |
Risk And Classification
Problem Types: CWE-264
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Broadcom | Brightstor Arcserve Backup | 10.5 | All | All | All |
| Application | Broadcom | Brightstor Arcserve Backup | 11 | All | All | All |
| Application | Broadcom | Brightstor Arcserve Backup | 11.1 | All | All | All |
| Application | Broadcom | Brightstor Arcserve Backup | 11.5 | All | All | All |
| Application | Broadcom | Brightstor Arcserve Backup | 9.01 | All | All | All |
| Application | Broadcom | Brightstor Enterprise Backup | 10.5 | All | All | All |
| Application | Ca | Brightstor Arcserve Backup | 10.5 | All | All | All |
| Application | Ca | Brightstor Arcserve Backup | 11 | All | All | All |
| Application | Ca | Brightstor Arcserve Backup | 11.1 | All | All | All |
| Application | Ca | Brightstor Arcserve Backup | 11.5 | All | All | All |
| Application | Ca | Brightstor Arcserve Backup | 9.01 | All | All | All |
| Application | Ca | Brightstor Arcserve Backup | 10.5 | All | All | All |
| Application | Ca | Brightstor Arcserve Backup | 11 | All | All | All |
| Application | Ca | Brightstor Arcserve Backup | 11.1 | All | All | All |
| Application | Ca | Brightstor Arcserve Backup | 11.5 | All | All | All |
| Application | Ca | Brightstor Arcserve Backup | 9.01 | All | All | All |
| Application | Ca | Brightstor Enterprise Backup | 10.5 | All | All | All |
| Application | Ca | Brightstor Enterprise Backup | 10.5 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Computer Associates BrightStor ARCserve Backup Multiple Remote Vulnerabilities | BID | www.securityfocus.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| CA BrightStor ARCServe Backup Multiple Vulnerabilities - Advisories - Secunia | SECUNIA | secunia.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| SecurityTracker.com Archives - CA BrightStor ARCserve Backup Buffer Overflows and Memory Corruption Errors Let Remote Users Execute Arbitrary Code | SECTRACK | www.securitytracker.com | |
| supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp | CONFIRM | supportconnectw.ca.com | Patch |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.