{ "id": "CVE-2007-3825", "sourceIdentifier": "cve@mitre.org", "published": "2007-07-18T23:30:00.000", "lastModified": "2021-04-07T18:20:52.820", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures." }, { "lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer basados en pila en la implementaci\u00f3n RPC en alert.exe versiones anteriores a 8.0.255.0 en CA (anteriormente denominado Computer Associates) Alert Notification Server, tal y como se usa en Threat Manager for the Enterprise, Protection Suites, determinados productos BrightStor ARCserve, y BrightStor Enterprise Backup, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n enviando determinados datos a procedimientos RPC no especificados." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 9.3 }, "baseSeverity": "HIGH", "exploitabilityScore": 8.6, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": true, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:broadcom:alert_notification_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9064AD0-B246-4061-8200-D0999A62987D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*", "matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14" }, { "vulnerable": true, "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36" }, { "vulnerable": true, "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*", "matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414" }, { "vulnerable": true, "criteria": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "78AA54EA-DAF1-4635-AA1B-E2E49C4BB597" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ca:anti-virus_for_the_enterprise:8:*:enterprise:*:*:*:*:*", "matchCriteriaId": "0662407D-B0D7-4C4A-9F11-D438ED0A186D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*", "matchCriteriaId": "6E236148-4A57-4FDC-A072-A77D3DD2DB53" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ca:brightstor_arcserve_client:*:*:windows:*:*:*:*:*", "matchCriteriaId": "BF07EC08-D4C8-415B-86DB-E73E97EEFCB2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*", "matchCriteriaId": "253A8082-9AE4-4049-A1D0-B7ACB5C2E8D3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:ca:threat_manager:8:*:enterprise:*:*:*:*:*", "matchCriteriaId": "45FA6D91-063C-41FC-B2C4-07B9E043FAFF" } ] } ] } ], "references": [ { "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=561", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-secnotice.asp", "source": "cve@mitre.org", "tags": [ "Patch" ] }, { "url": "http://www.securityfocus.com/bid/24947", "source": "cve@mitre.org" }, { "url": "http://www.securitytracker.com/id?1018402", "source": "cve@mitre.org" }, { "url": "http://www.securitytracker.com/id?1018403", "source": "cve@mitre.org" }, { "url": "http://www.securitytracker.com/id?1018404", "source": "cve@mitre.org" }, { "url": "http://www.securitytracker.com/id?1018405", "source": "cve@mitre.org" }, { "url": "http://www.securitytracker.com/id?1018406", "source": "cve@mitre.org" }, { "url": "http://www.vupen.com/english/advisories/2007/2559", "source": "cve@mitre.org" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35467", "source": "cve@mitre.org" } ] }