Gravité: : Élevé
  Identifiant(s) CVE: : CVE-2007-0169
  Date du conseil: 21 juillet 2015

  Description

Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service, or opnum (3) 0xCF in the Tape Engine service.

  Information Exposure Rating:

Apply associated Trend Micro DPI Rules.

  Solutions

  Trend Micro Deep Security DPI Rule Number: 1000927
  Trend Micro Deep Security DPI Rule Name: 1000927 - CA BrightStor ARCserve Backup Message Engine Buffer Overflow

  Affected software and version:

  • Computer Associates BrightStor ARCserve Backup 11.5
  • Computer Associates BrightStor ARCserve Backup 9.01
  • Computer Associates Enterprise Backup 10.5
  • Computer Associates Server/Business Protection Suite R2