CVE-2007-3509

Currently unrated

Key Information:

Vendor: Symantec
Status: Veritas Backup Exec
Vendor: CVE Published:; 12 July 2007

Summary

Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers 10.0, 10d, and 11d allows remote attackers to cause a denial of service (process exit) and possibly execute arbitrary code via crafted ncacn_ip_tcp requests.

References

http://labs.idefense.com/intelligence/vulnerabilities/dis...

third-party-advisoryx_refsource_IDEFENSE

http://www.vupen.com/english/advisories/2007/2505

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/26032

third-party-advisoryx_refsource_SECUNIA

EPSS Score

32% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 12, 2007
Vulnerability Reserved
Jul 2, 2007