Buffer Overflow Vulnerability in VERITAS Storage Exec and StorageCentral
CVE-2005-2996

Currently unrated

Key Information:

Vendor: Symantec Veritas
Status: Storage Exec; Storagecentral
Vendor: CVE Published:; 20 September 2005

🔔 Create Symantec Veritas Vulnerability Alert

What is CVE-2005-2996?

The vulnerability arises from multiple heap-based and stack-based buffer overflows found in certain DCOM server components of VERITAS Storage Exec and StorageCentral. An attacker can exploit these vulnerabilities through specially crafted ActiveX controls, potentially leading to the execution of arbitrary code on the affected system. Users running outdated versions of these products should prioritize updating to the latest hotfixes to mitigate the risk.

References

http://www.kb.cert.org/vuls/id/620497

third-party-advisoryx_refsource_CERT-VN

http://www.kb.cert.org/vuls/id/927793

third-party-advisoryx_refsource_CERT-VN

http://securityresponse.symantec.com/avcenter/security/Co...

x_refsource_CONFIRM

EPSS Score

11% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 20, 2005
Vulnerability Reserved
Sep 20, 2005