Buffer Overflow Vulnerability in VERITAS Storage Exec and StorageCentral
CVE-2005-2996

Currently unrated

Key Information:

Vendor
Symantec Veritas
Status
Storage Exec
Storagecentral
Vendor
CVE Published:
20 September 2005

Summary

The vulnerability arises from multiple heap-based and stack-based buffer overflows found in certain DCOM server components of VERITAS Storage Exec and StorageCentral. An attacker can exploit these vulnerabilities through specially crafted ActiveX controls, potentially leading to the execution of arbitrary code on the affected system. Users running outdated versions of these products should prioritize updating to the latest hotfixes to mitigate the risk.

References

http://www.kb.cert.org/vuls/id/620497
third-party-advisoryx_refsource_CERT-VN
http://www.kb.cert.org/vuls/id/927793
third-party-advisoryx_refsource_CERT-VN
http://securityresponse.symantec.com/avcenter/security/Co...
x_refsource_CONFIRM

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2005-2996 : Buffer Overflow Vulnerability in VERITAS Storage Exec and StorageCentral | SecurityVulnerability.io