CVE-2007-6016 – Symantec BackupExec Calendar Control - 'PVCalendar.ocx' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-6016
Multiple stack-based buffer overflows in the PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in the scheduler component in the Media Server in Symantec Backup Exec for Windows Server (BEWS) 11d 11.0.6235 and 11.0.7170, and 12.0 12.0.1364, allow remote attackers to execute arbitrary code via a long (1) _DOWText0, (2) _DOWText1, (3) _DOWText2, (4) _DOWText3, (5) _DOWText4, (6) _DOWText5, (7) _DOWText6, (8) _MonthText0, (9) _MonthText1, (10) _MonthText2, (11) _MonthText3, (12) _MonthText4, (13) _MonthText5, (14) _MonthText6, (15) _MonthText7, (16) _MonthText8, (17) _MonthText9, (18) _MonthText10, or (19) _MonthText11 property value when executing the Save method. NOTE: the vendor states "Authenticated user involvement required," but authentication is not needed to attack a client machine that loads this control.
• https://www.exploit-db.com/exploits/5205 https://www.exploit-db.com/exploits/16582 http://secunia.com/advisories/27885 http://secunia.com/secunia_research/2007-101/advisory http://securitytracker.com/id?1019524 http://seer.support.veritas.com/docs/308669.htm http://www.securityfocus.com/bid/26904 http://www.symantec.com/avcenter/security/Content/2008.02.28.html http://www.symantec.com/avcenter/security/Content/2008.02.29.html http://www.vupen.com/english/advisories/2008/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-5126
https://notcve.org/view.php?id=CVE-2007-5126
Unspecified vulnerability in the client in Symantec Veritas Backup Exec for Windows Servers 11d has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
• http://osvdb.org/45522 http://wslabi.com/wabisabilabi/showBidInfo.do?code=ZD-00000147 http://www.securityfocus.com/bid/25793 •
CVE-2007-3509
https://notcve.org/view.php?id=CVE-2007-3509
Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers 10.0, 10d, and 11d allows remote attackers to cause a denial of service (process exit) and possibly execute arbitrary code via crafted ncacn_ip_tcp requests.
• http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=553 http://secunia.com/advisories/26032 http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11a.html http://www.kb.cert.org/vuls/id/213697 http://www.osvdb.org/36111 http://www.securityfocus.com/bid/23897 http://www.securitytracker.com/id?1018366 http://www.vupen.com/english/advisories/2007/2505 https://exchange.xforce.ibmcloud.com/vulnerabilities/35340 •
CVE-2006-4128
https://notcve.org/view.php?id=CVE-2006-4128
Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec for Netware Server Remote Agent for Windows Server 9.1 and 9.2 (all builds), Backup Exec Continuous Protection Server Remote Agent for Windows Server 10.1 (builds 10.1.325.6301, 10.1.326.1401, 10.1.326.2501, 10.1.326.3301, and 10.1.327.401), and Backup Exec for Windows Server and Remote Agent 9.1 (build 9.1.4691), 10.0 (builds 10.0.5484 and 10.0.5520), and 10.1 (build 10.1.5629) allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RPC message.
• http://secunia.com/advisories/21472 http://securityreason.com/securityalert/1380 http://securityresponse.symantec.com/avcenter/security/Content/2006.08.11.html http://securitytracker.com/id?1016683 http://seer.entsupport.symantec.com/docs/284623.htm http://www.kb.cert.org/vuls/id/647796 http://www.securityfocus.com/archive/1/443037/100/0/threaded http://www.securityfocus.com/bid/19479 http://www.vupen.com/english/advisories/2006/3266 https://exchange.xforce.ibmcloud.com/vulnerabilitie •
CVE-2006-1297
https://notcve.org/view.php?id=CVE-2006-1297
Unspecified vulnerability in Veritas Backup Exec for Windows Server Remote Agent 9.1 through 10.1, for Netware Servers and Remote Agent 9.1 and 9.2, and Remote Agent for Linux Servers 10.0 and 10.1 allows attackers to cause a denial of service (application crash or unavailability) due to "memory errors."
• http://secunia.com/advisories/19242 http://securityreason.com/securityalert/597 http://securitytracker.com/id?1015784 http://www.securityfocus.com/archive/1/428016/100/0/threaded http://www.securityfocus.com/bid/17098 http://www.symantec.com/avcenter/security/Content/2006.03.17a.html http://www.vupen.com/english/advisories/2006/0995 https://exchange.xforce.ibmcloud.com/vulnerabilities/25309 •