CVE-2007-5327

{"id": "CVE-2007-5327", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-10-13T00:17:00.000", "references": [{"url": "http://ruder.cdut.net/blogview.asp?logID=231", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/27192", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/3218", "source": "cve@mitre.org"}, {"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.fortiguardcenter.com/advisory/FGA-2007-11.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/482112/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/26015", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1018805", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/3470", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37064", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37065", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en el interfaz RPC para el Message Engine (mediasvr.exe) en el  CA BrightStor ARCServe BackUp v9.01 hasta la R11.5 y el Enterprise Backup r10.5, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de la inclusi\u00f3n de un argumento largo en el 0x10d opnum."}], "lastModified": "2021-04-07T18:20:52.820", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14"}, {"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:10.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "443AB333-2C99-42FF-8F4E-A487BF588E85"}, {"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C339825-77F9-478A-B1F7-A297D5715396"}, {"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36"}, {"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414"}, {"criteria": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78AA54EA-DAF1-4635-AA1B-E2E49C4BB597"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}