{"api_version":"1","generated_at":"2026-04-23T04:09:19+00:00","cve":"CVE-2007-5327","urls":{"html":"https://cve.report/CVE-2007-5327","api":"https://cve.report/api/cve/CVE-2007-5327.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-5327","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-5327"},"summary":{"title":"CVE-2007-5327","description":"Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum.","state":"PUBLISHED","assigner":"mitre","published_at":"2007-10-13 00:17:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-119","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"10","severity":"","vector":"AV:N/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www.securityfocus.com/bid/26015","name":"http://www.securityfocus.com/bid/26015","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Computer Associates BrightStor ARCserve Backup Multiple Remote Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://securityreason.com/securityalert/3218","name":"http://securityreason.com/securityalert/3218","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"CXSecurity - IDS","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2007/3470","name":"http://www.vupen.com/english/advisories/2007/3470","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.fortiguardcenter.com/advisory/FGA-2007-11.html","name":"http://www.fortiguardcenter.com/advisory/FGA-2007-11.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"FortiGuard Center  - FortiGuard Advisory - Vulnerability Affecting CA BrightStor ARCServe BackUp","mime":"text/html","httpstatus":"500","archivestatus":"200"},{"url":"http://secunia.com/advisories/27192","name":"http://secunia.com/advisories/27192","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"CA BrightStor ARCServe Backup Multiple Vulnerabilities - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp","name":"http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37065","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37065","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1018805","name":"http://www.securitytracker.com/id?1018805","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityTracker.com Archives - CA BrightStor ARCserve Backup Buffer Overflows and Memory Corruption Errors Let Remote Users Execute Arbitrary Code","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37064","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37064","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/482121/100/0/threaded","name":"http://www.securityfocus.com/archive/1/482121/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://ruder.cdut.net/blogview.asp?logID=231","name":"http://ruder.cdut.net/blogview.asp?logID=231","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://www.securityfocus.com/archive/1/482112/100/0/threaded","name":"http://www.securityfocus.com/archive/1/482112/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-5327","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-5327","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"5327","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"broadcom","cpe5":"brightstor_arcserve_backup","cpe6":"10.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5327","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"broadcom","cpe5":"brightstor_arcserve_backup","cpe6":"11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5327","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"broadcom","cpe5":"brightstor_arcserve_backup","cpe6":"11.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5327","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"broadcom","cpe5":"brightstor_arcserve_backup","cpe6":"11.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5327","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"broadcom","cpe5":"brightstor_arcserve_backup","cpe6":"9.01","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"5327","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"broadcom","cpe5":"brightstor_enterprise_backup","cpe6":"10.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T15:24:42.475Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"ca-brightstor-rpc-rpcx-bo(37064)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37064"},{"name":"27192","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/27192"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"},{"name":"3218","tags":["third-party-advisory","x_refsource_SREASON","x_transferred"],"url":"http://securityreason.com/securityalert/3218"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://ruder.cdut.net/blogview.asp?logID=231"},{"name":"20071011 CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/482112/100/0/threaded"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.fortiguardcenter.com/advisory/FGA-2007-11.html"},{"name":"20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/482121/100/0/threaded"},{"name":"ca-brightstor-messageengine-bo(37065)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37065"},{"name":"26015","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/26015"},{"name":"1018805","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1018805"},{"name":"ADV-2007-3470","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/3470"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-10-11T00:00:00.000Z","descriptions":[{"lang":"en","value":"Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-15T20:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"ca-brightstor-rpc-rpcx-bo(37064)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37064"},{"name":"27192","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/27192"},{"tags":["x_refsource_CONFIRM"],"url":"http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"},{"name":"3218","tags":["third-party-advisory","x_refsource_SREASON"],"url":"http://securityreason.com/securityalert/3218"},{"tags":["x_refsource_MISC"],"url":"http://ruder.cdut.net/blogview.asp?logID=231"},{"name":"20071011 CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/482112/100/0/threaded"},{"tags":["x_refsource_MISC"],"url":"http://www.fortiguardcenter.com/advisory/FGA-2007-11.html"},{"name":"20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/482121/100/0/threaded"},{"name":"ca-brightstor-messageengine-bo(37065)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37065"},{"name":"26015","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/26015"},{"name":"1018805","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1018805"},{"name":"ADV-2007-3470","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/3470"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-5327","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"ca-brightstor-rpc-rpcx-bo(37064)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37064"},{"name":"27192","refsource":"SECUNIA","url":"http://secunia.com/advisories/27192"},{"name":"http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp","refsource":"CONFIRM","url":"http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"},{"name":"3218","refsource":"SREASON","url":"http://securityreason.com/securityalert/3218"},{"name":"http://ruder.cdut.net/blogview.asp?logID=231","refsource":"MISC","url":"http://ruder.cdut.net/blogview.asp?logID=231"},{"name":"20071011 CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/482112/100/0/threaded"},{"name":"http://www.fortiguardcenter.com/advisory/FGA-2007-11.html","refsource":"MISC","url":"http://www.fortiguardcenter.com/advisory/FGA-2007-11.html"},{"name":"20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/482121/100/0/threaded"},{"name":"ca-brightstor-messageengine-bo(37065)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/37065"},{"name":"26015","refsource":"BID","url":"http://www.securityfocus.com/bid/26015"},{"name":"1018805","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1018805"},{"name":"ADV-2007-3470","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/3470"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2007-5327","datePublished":"2007-10-13T00:00:00.000Z","dateReserved":"2007-10-10T00:00:00.000Z","dateUpdated":"2024-08-07T15:24:42.475Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2007-10-13 00:17:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-119","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*","matchCriteriaId":"F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14"},{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:brightstor_arcserve_backup:10.5:*:*:*:*:*:*:*","matchCriteriaId":"443AB333-2C99-42FF-8F4E-A487BF588E85"},{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:*:*:*:*:*:*:*","matchCriteriaId":"8C339825-77F9-478A-B1F7-A297D5715396"},{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*","matchCriteriaId":"E37161BE-6AF5-40E0-BD63-2C17431D8B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*","matchCriteriaId":"477EE032-D183-478F-A2BF-6165277A7414"},{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*","matchCriteriaId":"78AA54EA-DAF1-4635-AA1B-E2E49C4BB597"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"5327","Ordinal":"1","Title":"CVE-2007-5327","CVE":"CVE-2007-5327","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"5327","Ordinal":"1","NoteData":"Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum.","Type":"Description","Title":"CVE-2007-5327"},{"CveYear":"2007","CveId":"5327","Ordinal":"2","NoteData":"2007-10-12","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"5327","Ordinal":"3","NoteData":"2018-10-15","Type":"Other","Title":"Modified"}]}}}