Vulnerability Details CVE-2007-0673
LGSERVER.EXE in BrightStor ARCserve Backup for Laptops & Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 77.8%
CVSS Severity
CVSS v2 Score 7.8
References
- http://osvdb.org/32948
- http://securityreason.com/securityalert/2218
- http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp
- http://www.securityfocus.com/archive/1/458650/100/0/threaded
- http://www.securityfocus.com/bid/22337
- http://osvdb.org/32948
- http://securityreason.com/securityalert/2218
- http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp
- http://www.securityfocus.com/archive/1/458650/100/0/threaded
- http://www.securityfocus.com/bid/22337
Products affected by CVE-2007-0673
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1
-
cpe:2.3:a:broadcom:business_protection_suite:2.0
-
cpe:2.3:a:broadcom:desktop_management_suite:11.0
-
cpe:2.3:a:broadcom:desktop_management_suite:11.1
-
cpe:2.3:a:broadcom:desktop_protection_suite:2.0
-
cpe:2.3:a:ca:business_protection_suite:2.0