Heap-Based Buffer Overflow in VERITAS Backup Exec from Symantec
CVE-2005-2079

Currently unrated

Key Information:

Vendor: Symantec Veritas
Status: Backup Exec
Vendor: CVE Published:; 2 August 2005

Summary

A heap-based buffer overflow vulnerability exists in the Admin Plus Pack Option for VERITAS Backup Exec version 9.0 through 10.0 for Windows Servers. This flaw enables remote attackers to exploit the vulnerability, potentially leading to arbitrary code execution. The issue arises due to improper handling of input, allowing an attacker to manipulate memory allocation, causing execution of malicious code on an affected server.

References

http://seer.support.veritas.com/docs/276607.htm

x_refsource_CONFIRM

http://www.kb.cert.org/vuls/id/352625

third-party-advisoryx_refsource_CERT-VN

http://seer.support.veritas.com/docs/277429.htm

x_refsource_CONFIRM

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 2, 2005
Vulnerability Reserved
Jun 29, 2005