CVE-2007-5327: Buffer Overflow
First published: Sat Oct 13 2007(Updated: )
Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| CA BrightStor ARCserve Backup | =9.01 | |
| CA BrightStor ARCserve Backup | =10.5 | |
| CA BrightStor ARCserve Backup | =11 | |
| CA BrightStor ARCserve Backup | =11.1 | |
| CA BrightStor ARCserve Backup | =11.5 | |
| Broadcom BrightStor Enterprise Backup | =10.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.fortiguardcenter.com/advisory/FGA-2007-11.html
- http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp
- http://www.securityfocus.com/bid/26015
- http://www.securitytracker.com/id?1018805
- http://secunia.com/advisories/27192
- http://securityreason.com/securityalert/3218
- http://ruder.cdut.net/blogview.asp?logID=231
- http://www.vupen.com/english/advisories/2007/3470
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37065
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37064
- http://www.securityfocus.com/archive/1/482121/100/0/threaded
- http://www.securityfocus.com/archive/1/482112/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2007-5327?
CVE-2007-5327 is considered critical due to its potential for remote code execution.
How do I fix CVE-2007-5327?
To fix CVE-2007-5327, apply the latest security patches provided by Broadcom for BrightStor ARCServe Backup and Enterprise Backup.
What types of systems are affected by CVE-2007-5327?
CVE-2007-5327 affects various versions of Broadcom's BrightStor ARCServe Backup and Enterprise Backup software.
Can CVE-2007-5327 be exploited remotely?
Yes, CVE-2007-5327 can be exploited remotely by attackers sending specially crafted requests to the vulnerable software.
What are the potential consequences of CVE-2007-5327?
Exploiting CVE-2007-5327 can result in arbitrary code execution, potentially allowing an attacker to take control of the affected system.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/remedy
- agent/last-modified-date
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/broadcom
- canonical/ca brightstor arcserve backup
- version/ca brightstor arcserve backup/9.01
- version/ca brightstor arcserve backup/10.5
- version/ca brightstor arcserve backup/11
- version/ca brightstor arcserve backup/11.1
- version/ca brightstor arcserve backup/11.5
- canonical/broadcom brightstor enterprise backup
- version/broadcom brightstor enterprise backup/10.5