Remote Code Execution Vulnerability in CA ARCserve Backup by CA Technologies
CVE-2008-5415

Currently unrated

Key Information:

Vendor: Broadcom
Status: Arcserve Backup
Vendor: CVE Published:; 11 December 2008

What is CVE-2008-5415?

A vulnerability exists in the LDBserver service of CA ARCserve Backup versions 11.1 to 12.0 on Windows, which permits remote attackers to execute arbitrary code. This is achieved through manipulation of a handle_t argument in an RPC endpoint that references an incompatible procedure, leading to potential unauthorized actions and breaches in system integrity.

References

http://www.securityfocus.com/archive/1/499128/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://secunia.com/secunia_research/2007-82/

x_refsource_MISC

http://secunia.com/advisories/27299

third-party-advisoryx_refsource_SECUNIA

EPSS Score

15% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 11, 2008
Vulnerability Reserved
Dec 9, 2008

Broadcom

What is CVE-2008-5415?

References

EPSS Score

Timeline