CVE-2007-3825: Buffer Overflow
First published: Wed Jul 18 2007(Updated: )
Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Broadcom CA Threat Manager | =8 | |
| CA Protection Suites | =r3 | |
| CA BrightStor ARCserve Backup | ||
| Broadcom BrightStor ARCserve Backup | =11 | |
| Broadcom Anti-Virus for the Enterprise | =8 | |
| Broadcom Alert Notification Server | ||
| CA BrightStor ARCserve Backup | =11.5 | |
| CA BrightStor ARCserve Backup | =11.1 | |
| CA BrightStor ARCserve Backup | =9.01 | |
| Broadcom BrightStor Enterprise Backup | =10.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=561
- http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-secnotice.asp
- http://secunia.com/advisories/26088
- http://www.securityfocus.com/bid/24947
- http://www.securitytracker.com/id?1018402
- http://www.securitytracker.com/id?1018403
- http://www.securitytracker.com/id?1018404
- http://www.securitytracker.com/id?1018405
- http://www.securitytracker.com/id?1018406
- http://www.vupen.com/english/advisories/2007/2559
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35467
Frequently Asked Questions
What is the severity of CVE-2007-3825?
CVE-2007-3825 is rated as high severity due to the potential for remote code execution through stack-based buffer overflows.
How do I fix CVE-2007-3825?
To fix CVE-2007-3825, update to version 8.0.255.0 or later of the affected CA products.
Which software is affected by CVE-2007-3825?
CVE-2007-3825 affects CA Alert Notification Server and several BrightStor ARCserve and Enterprise Backup products.
What kind of vulnerability is CVE-2007-3825?
CVE-2007-3825 is a vulnerability that involves multiple stack-based buffer overflows in the RPC implementation.
Can CVE-2007-3825 be exploited remotely?
Yes, CVE-2007-3825 can be exploited remotely, allowing attackers to execute arbitrary code on vulnerable systems.
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/description
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ca
- canonical/broadcom ca threat manager
- version/broadcom ca threat manager/8
- canonical/ca protection suites
- version/ca protection suites/r3
- canonical/ca brightstor arcserve backup
- canonical/broadcom brightstor arcserve backup
- version/broadcom brightstor arcserve backup/11
- canonical/broadcom anti-virus for the enterprise
- version/broadcom anti-virus for the enterprise/8
- vendor/broadcom
- canonical/broadcom alert notification server
- version/ca brightstor arcserve backup/11.5
- version/ca brightstor arcserve backup/11.1
- version/ca brightstor arcserve backup/9.01
- canonical/broadcom brightstor enterprise backup
- version/broadcom brightstor enterprise backup/10.5