Vulnerability Details CVE-2007-0168
The Tape Engine service in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allows remote attackers to execute arbitrary code via certain data in opnum 0xBF in an RPC request, which is directly executed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.6
EPSS Ranking 98.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://livesploit.com/advisories/LS-20061002.pdf
- http://osvdb.org/31327
- http://secunia.com/advisories/23648
- http://securitytracker.com/id?1017506
- http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp
- http://www.kb.cert.org/vuls/id/662400
- http://www.lssec.com/advisories/LS-20061002.pdf
- http://www.securityfocus.com/archive/1/456616/100/0/threaded
- http://www.securityfocus.com/archive/1/456637
- http://www.securityfocus.com/archive/1/456711
- http://www.securityfocus.com/bid/22010
- http://www.vupen.com/english/advisories/2007/0154
- http://www.zerodayinitiative.com/advisories/ZDI-07-002.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31442
- http://livesploit.com/advisories/LS-20061002.pdf
- http://osvdb.org/31327
- http://secunia.com/advisories/23648
- http://securitytracker.com/id?1017506
- http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp
- http://www.kb.cert.org/vuls/id/662400
- http://www.lssec.com/advisories/LS-20061002.pdf
- http://www.securityfocus.com/archive/1/456616/100/0/threaded
- http://www.securityfocus.com/archive/1/456637
- http://www.securityfocus.com/archive/1/456711
- http://www.securityfocus.com/bid/22010
- http://www.vupen.com/english/advisories/2007/0154
- http://www.zerodayinitiative.com/advisories/ZDI-07-002.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31442
Products affected by CVE-2007-0168
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:-
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:10.5
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:11
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.0
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:7.0
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.0
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.0.1
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01
-
cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5
-
cpe:2.3:a:broadcom:business_protection_suite:2.0