CVE-2017-8895: Use After Free
First published: Wed May 10 2017(Updated: )
In Veritas Backup Exec 2014 before build 14.1.1187.1126, 15 before build 14.2.1180.3160, and 16 before FP1, there is a use-after-free vulnerability in multiple agents that can lead to a denial of service or remote code execution. An unauthenticated attacker can use this vulnerability to crash the agent or potentially take control of the agent process and then the system it is running on.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Veritas Backup Exec | <14.1.1786.1126 | |
| Veritas Backup Exec | <14.2.1180.3160 | |
| Veritas Backup Exec | <16.0.1142.1327 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/author
- agent/references
- agent/type
- agent/description
- agent/event
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/veritas
- canonical/veritas backup exec