13 results (0.015 seconds)

CVSS: 9.0EPSS: 19%CPEs: 8EXPL: 1

Multiple stack-based buffer overflows in Computer Associates (CA) Alert Notification Service (Alert.exe) 8.1.586.0, 8.0.450.0, and 7.1.758.0, as used in multiple CA products including Anti-Virus for the Enterprise 7.1 through r11.1 and Threat Manager for the Enterprise 8.1 and r8, allow remote authenticated users to execute arbitrary code via crafted RPC requests. Múltiples desbordamientos de buffer basados en pila del servicio Computer Associates (CA) Alert Notification Service (Alert.exe) 8.1.586.0, 8.0.450.0 y 7.1.758.0, usado en varios productos CA incluyendo Anti-Virus para la versión Enterprise 7.1 a la r11.1 y Threat Manager para la versión Enterprise 8.1 y r8, permiten a usuarios autenticados ejecutar código de su elección mediante peticiones RPC manipuladas. • https://www.exploit-db.com/exploits/16410 http://community.ca.com/blogs/casecurityresponseblog/archive/2008/04/04/ca-alert-notification-server-multiple-vulnerabilities.aspx http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=679 http://secunia.com/advisories/29665 http://securityreason.com/securityalert/3799 http://www.securityfocus.com/archive/1/490466/100/0/threaded http://www.securityfocus.com/bid/28605 http://www.securitytracker.com/id?1019789 http://www.securitytracker.com/id&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 3%CPEs: 9EXPL: 0

Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers. La biblioteca Queue.dll para el servicio de colas de mensajes (LQserver.exe) en CA BrightStor ARCServe BackUp versión v9.01 hasta R11.5, y Enterprise Backup r10.5, permite a atacantes remotos ejecutar código arbitrario por medio de una petición de protocolo ONRPC malformada para la operación 0x76, lo que hace que ARCserve Backup elimine la referencia de punteros arbitrarios. • http://osvdb.org/41371 http://research.eeye.com/html/advisories/published/AD20071011.html http://secunia.com/advisories/27192 http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp http://www.securityfocus.com/archive/1/482114/100/0/threaded http://www.securityfocus.com/archive/1/482121/100/0/threaded http://www.securityfocus.com/bid/24680 http://www.securitytracker.com/id?1018805 http://www.vupen.com/english/advisories/2007/3470 https://exchange.xforce.ibmcloud&# • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 10.0EPSS: 76%CPEs: 9EXPL: 0

Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption. Vulnerabilidad sin especificar en el dbasvr del CA BrightStor ARCServe BackUp v9.01 hasta la R11.5 y el Enterprise Backup r10.5, tiene un impacto desconocido y vectores de ataque relacionados con la corrupción de memoria. • http://osvdb.org/41372 http://secunia.com/advisories/27192 http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp http://www.securityfocus.com/archive/1/482121/100/0/threaded http://www.securityfocus.com/bid/26015 http://www.securitytracker.com/id?1018805 http://www.vupen.com/english/advisories/2007/3470 https://exchange.xforce.ibmcloud.com/vulnerabilities/37068 • CWE-399: Resource Management Errors •

CVSS: 10.0EPSS: 4%CPEs: 9EXPL: 0

Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors. Múltiples desbordamientos de búfer en (1) RPC y (2) rpcx.dll de CA BrightStor ARCServer BackUp v9.01 hasta R11.5, y Enterprise Backup r10.5, permiten a atacantes remotos ejecutar código de su elección a través de vectores no especificados. • http://osvdb.org/41368 http://secunia.com/advisories/27192 http://secunia.com/secunia_research/2007-49/advisory http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp http://www.securityfocus.com/archive/1/482121/100/0/threaded http://www.securityfocus.com/bid/26015 http://www.securitytracker.com/id?1018805 http://www.vupen.com/english/advisories/2007/3470 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 40%CPEs: 41EXPL: 0

arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file. arclib.dll anterior a 7.3.0.9 en CA Anti-Virus (formalmente eTrust Antivirus) 8 y otros ciertos productos CA permiten a atacantes remotos provocar denegación de servicio (bucles infinitos y perdida de funcionalidad antivirus) a través de un campo"listado previo de un trozo de número" en un cierto archivo CHM. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567 http://secunia.com/advisories/26155 http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847 http://www.securityfocus.com/archive/1/474601/100/0/threaded http://www.securityfocus.com/archive/1/474605/100/100/threaded http://www.securityfocus.com/archive/1/474683/100/0/threaded http://www.securityfocus.com/bid/25049 http: •