Format String Vulnerability in Veritas Backup Exec for Windows Servers
CVE-2006-1298

Currently unrated

Key Information:

Vendor: Symantec Veritas
Status: Backup Exec
Vendor: CVE Published:; 19 March 2006

Summary

A format string vulnerability exists in the Job Engine service (bengine.exe) of Veritas Backup Exec products, where improper handling of crafted filenames by remote authenticated users may lead to denial of service and potentially allow the execution of arbitrary code on affected systems. This poses significant security risks in environments where Backup Exec is employed for data protection and management.

References

http://www.securityfocus.com/archive/1/428223/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.symantec.com/avcenter/security/Content/2006.03...

x_refsource_CONFIRM

http://support.veritas.com/docs/282254

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 19, 2006
Vulnerability Reserved
Mar 19, 2006