{"api_version":"1","generated_at":"2026-04-23T08:03:54+00:00","cve":"CVE-2007-5325","urls":{"html":"https://cve.report/CVE-2007-5325","api":"https://cve.report/api/cve/CVE-2007-5325.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-5325","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-5325"},"summary":{"title":"CVE-2007-5325","description":"Multiple buffer overflows in (1) the Message Engine and (2) AScore.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.","state":"PUBLISHED","assigner":"mitre","published_at":"2007-10-13 00:17:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-119","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"10","severity":"","vector":"AV:N/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www.securityfocus.com/bid/26015","name":"http://www.securityfocus.com/bid/26015","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Computer Associates BrightStor ARCserve Backup Multiple Remote Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.vupen.com/english/advisories/2007/3470","name":"http://www.vupen.com/english/advisories/2007/3470","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27192","name":"http://secunia.com/advisories/27192","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"CA BrightStor ARCServe Backup Multiple Vulnerabilities - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp","name":"http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1018805","name":"http://www.securitytracker.com/id?1018805","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityTracker.com Archives - CA BrightStor ARCserve Backup Buffer Overflows and Memory Corruption Errors Let Remote Users Execute Arbitrary Code","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/482121/100/0/threaded","name":"http://www.securityfocus.com/archive/1/482121/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37063","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37063","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-5325","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-5325","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"5325","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"broadcom","cpe5":"brightstor_arcserve_backup","cpe6":"10.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5325","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"broadcom","cpe5":"brightstor_arcserve_backup","cpe6":"11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5325","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"broadcom","cpe5":"brightstor_arcserve_backup","cpe6":"11.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5325","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"broadcom","cpe5":"brightstor_arcserve_backup","cpe6":"11.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5325","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"broadcom","cpe5":"brightstor_arcserve_backup","cpe6":"9.01","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5325","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"broadcom","cpe5":"brightstor_enterprise_backup","cpe6":"10.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T15:24:42.402Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"27192","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/27192"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"},{"name":"ca-brightstor-messageengine-ascore-bo(37063)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37063"},{"name":"20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/482121/100/0/threaded"},{"name":"26015","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/26015"},{"name":"1018805","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1018805"},{"name":"ADV-2007-3470","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/3470"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-10-10T00:00:00.000Z","descriptions":[{"lang":"en","value":"Multiple buffer overflows in (1) the Message Engine and (2) AScore.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-15T20:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"27192","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/27192"},{"tags":["x_refsource_CONFIRM"],"url":"http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"},{"name":"ca-brightstor-messageengine-ascore-bo(37063)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37063"},{"name":"20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/482121/100/0/threaded"},{"name":"26015","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/26015"},{"name":"1018805","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1018805"},{"name":"ADV-2007-3470","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/3470"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-5325","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple buffer overflows in (1) the Message Engine and (2) AScore.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"27192","refsource":"SECUNIA","url":"http://secunia.com/advisories/27192"},{"name":"http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp","refsource":"CONFIRM","url":"http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"},{"name":"ca-brightstor-messageengine-ascore-bo(37063)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37063"},{"name":"20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/482121/100/0/threaded"},{"name":"26015","refsource":"BID","url":"http://www.securityfocus.com/bid/26015"},{"name":"1018805","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1018805"},{"name":"ADV-2007-3470","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/3470"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2007-5325","datePublished":"2007-10-13T00:00:00.000Z","dateReserved":"2007-10-10T00:00:00.000Z","dateUpdated":"2024-08-07T15:24:42.402Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2007-10-13 00:17:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-119","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*","matchCriteriaId":"F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14"},{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:brightstor_arcserve_backup:10.5:*:*:*:*:*:*:*","matchCriteriaId":"443AB333-2C99-42FF-8F4E-A487BF588E85"},{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:*:*:*:*:*:*:*","matchCriteriaId":"8C339825-77F9-478A-B1F7-A297D5715396"},{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*","matchCriteriaId":"E37161BE-6AF5-40E0-BD63-2C17431D8B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*","matchCriteriaId":"477EE032-D183-478F-A2BF-6165277A7414"},{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*","matchCriteriaId":"78AA54EA-DAF1-4635-AA1B-E2E49C4BB597"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"5325","Ordinal":"1","Title":"CVE-2007-5325","CVE":"CVE-2007-5325","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"5325","Ordinal":"1","NoteData":"Multiple buffer overflows in (1) the Message Engine and (2) AScore.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.","Type":"Description","Title":"CVE-2007-5325"},{"CveYear":"2007","CveId":"5325","Ordinal":"2","NoteData":"2007-10-12","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"5325","Ordinal":"3","NoteData":"2018-10-15","Type":"Other","Title":"Modified"}]}}}