Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers.
References
Configurations
Configuration 1 (hide)
|
History
09 Apr 2021, 18:54
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:broadcom:server_protection_suite:2:*:*:*:*:*:*:* |
07 Apr 2021, 18:53
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:* cpe:2.3:a:ca:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:* cpe:2.3:a:ca:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:* cpe:2.3:a:ca:business_protection_suite:2.0:*:*:*:*:*:*:* |
cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:* cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:* cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:* cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:* cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:* |
Information
Published : 2007-10-13 00:17
Updated : 2023-12-10 10:40
NVD link : CVE-2007-5331
Mitre link : CVE-2007-5331
CVE.ORG link : CVE-2007-5331
JSON object : View
Products Affected
broadcom
- brightstor_arcserve_backup
- server_protection_suite
- business_protection_suite
- brightstor_enterprise_backup
ca
- business_protection_suite
- brightstor_arcserve_backup
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')