First published: Mon Mar 24 2008(Updated: )
Stack-based buffer overflow in the ListCtrl ActiveX Control (ListCtrl.ocx), as used in multiple CA products including BrightStor ARCserve Backup R11.5, Desktop Management Suite r11.1 through r11.2, and Unicenter products r11.1 through r11.2, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long argument to the AddColumn method.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
CA ARCserve Backup for Laptops and Desktops | =11.5 | |
Broadcom Desktop Management Suite | =r11.1-a | |
Broadcom Desktop Management Suite | =r11.1-c1 | |
Broadcom Desktop Management Suite | =r11.1-ga | |
Broadcom Desktop Management Suite | =r11.2 | |
CA Unicenter DSM R11 List Control ATX | =11.2.3.1895 | |
Broadcom Unicenter Asset Management | =r11.1-a | |
Broadcom Unicenter Asset Management | =r11.1-c1 | |
Broadcom Unicenter Asset Management | =r11.1-ga | |
Broadcom Unicenter Asset Management | =r11.2 | |
Broadcom Unicenter Asset Management | =r11.2-a | |
Broadcom Unicenter Asset Management | =r11.2-c1 | |
Unicenter Desktop Management | =r11.1-a | |
Unicenter Desktop Management | =r11.1-c1 | |
Unicenter Desktop Management | =r11.1-ga | |
Unicenter Desktop Management | =r11.2 | |
Unicenter Desktop Management | =r11.2-a | |
Unicenter Desktop Management | =r11.2-c1 | |
CA Unicenter Remote Control | =r11.1-a | |
CA Unicenter Remote Control | =r11.1-c1 | |
CA Unicenter Remote Control | =r11.1-ga | |
CA Unicenter Remote Control | =r11.2 | |
CA Unicenter Remote Control | =r11.2-a | |
CA Unicenter Remote Control | =r11.2-c1 | |
Broadcom Unicenter Software Delivery | =r11.1-a | |
Broadcom Unicenter Software Delivery | =r11.1-c1 | |
Broadcom Unicenter Software Delivery | =r11.1-ga | |
Broadcom Unicenter Software Delivery | =r11.2 | |
Broadcom Unicenter Software Delivery | =r11.2-a | |
Broadcom Unicenter Software Delivery | =r11.2-c1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Yes, CVE-2008-1472 can be exploited remotely by attackers to execute arbitrary code on affected systems.