CVE-2007-0168

Currently unrated

Key Information:

Vendor: Broadcom
Status: Brightstor Arcserve Backup; Brightstor Enterprise Backup; Business Protection Suite
Vendor: CVE Published:; 11 January 2007

Summary

The Tape Engine service in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allows remote attackers to execute arbitrary code via certain data in opnum 0xBF in an RPC request, which is directly executed.

References

http://supportconnectw.ca.com/public/storage/infodocs/bab...

x_refsource_CONFIRM

http://livesploit.com/advisories/LS-20061002.pdf

x_refsource_MISC

http://www.securityfocus.com/bid/22010

vdb-entryx_refsource_BID

EPSS Score

85% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 11, 2007
Vulnerability Reserved
Jan 10, 2007