CVSS: 9.3EPSS: 8%CPEs: 52EXPL: 0CVE-2009-3587
https://notcve.org/view.php?id=CVE-2009-3587
13 Oct 2009 — Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588. Vulnerabilidad no espe... • http://osvdb.org/58691 •
CVSS: 7.5EPSS: 1%CPEs: 55EXPL: 0CVE-2009-3588
https://notcve.org/view.php?id=CVE-2009-3588
13 Oct 2009 — Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587. Vulnerabilidad inespecífica en el componente arclib en el... • http://secunia.com/advisories/36976 •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 2CVE-2009-1761
https://notcve.org/view.php?id=CVE-2009-1761
16 Jun 2009 — The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote attackers to cause a denial of service (crash) via (1) an invalid 0x13 message, which is not properly handled in the ASCORE module, or (2) a 0x3B message with invalid stub data that triggers an RPC marshalling error. El motor de mensajes en CA ARCserve Backup r12.0 y r12.0 SP1 para Windows permite a atacantes remotos producir una denegación de servicio (caída) a través de (1) un mensaje 0x13 invalido, el cual no es adecua... • http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-01-ca-arcserve-backup-message-engine-denial-of-service-vulnerabilities.aspx • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 1%CPEs: 39EXPL: 0CVE-2009-0042
https://notcve.org/view.php?id=CVE-2009-0042
28 Jan 2009 — Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file. Múltiples vulnerabilidades sin especificar en la bilioteca Arclib (arclib.dll) anterior a v 7.3.0.15 en el motor de CA Anti-Virus para CA Anti-Virus Enterprise v7.1, r8... • http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca20090126-01-ca-anti-virus-engine-detection-evasion-multiple-vulnerabilities.aspx •
CVSS: 10.0EPSS: 15%CPEs: 4EXPL: 0CVE-2008-5415
https://notcve.org/view.php?id=CVE-2008-5415
11 Dec 2008 — The LDBserver service in the server in CA ARCserve Backup 11.1 through 12.0 on Windows allows remote attackers to execute arbitrary code via a handle_t argument to an RPC endpoint in which the argument refers to an incompatible procedure. El servicio LDBserver en el servidor en CA ARCserve Backup versiones 11.1 hasta 12.0 en Windows, permite a atacantes remotos ejecutar código arbitrario por medio de un argumento handle_t hacia un endpoint RPC en el que el argumento hace referencia a un procedimiento incomp... • http://community.ca.com/blogs/casecurityresponseblog/archive/2008/12/10.aspx •
CVSS: 10.0EPSS: 85%CPEs: 7EXPL: 1CVE-2008-4397 – Computer Associates ARCserve - REPORTREMOTEEXECUTECML Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-4397
14 Oct 2008 — Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A. Vulnerabilidad de salto de directorio en la interfaz RPC (asdbapi.dll) en CA ARCserve Backup (antes BrightStor ARCserve Backup) vr11.1 hasta vr12.0 permite a atacantes remotos ejecutar comandos de su elección a través de .. (punto punto) en una llamada RPC ... • https://www.exploit-db.com/exploits/16404 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 2%CPEs: 7EXPL: 0CVE-2008-4398
https://notcve.org/view.php?id=CVE-2008-4398
14 Oct 2008 — Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request. Vulnerabilidad no especificada en el servicio de motor de cinta en asdbapi.dll de CA ARCserve Backup (anteriormente BrightStor ARCserve Backup) de r11.1 a r12.0 permite a atacantes remotos provocar una denegación de servicio (caída) mediante una petición manipulada. • http://secunia.com/advisories/32220 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 2%CPEs: 7EXPL: 0CVE-2008-4399
https://notcve.org/view.php?id=CVE-2008-4399
14 Oct 2008 — Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation." Vulnerabilidad no especificada en el servicio del motor de la base de datos en asdbapi.dll en CA ARCserve Backup (antes BrightStor ARCserve Backup) vr11.1 hasta vr12.0 permite a atacantes remotos provocar una denegación de servicio (caída... • http://secunia.com/advisories/32220 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 2%CPEs: 7EXPL: 0CVE-2008-4400
https://notcve.org/view.php?id=CVE-2008-4400
14 Oct 2008 — Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation." Vulnerabilidad sin especificar en asdbapi.dll de CA ARCserve Backup (antes llamado BrightStor ARCserve Backup)r11.1 hasta r12.0 permite a un atacante remoto causar una denegación de servicio (caída de varios servicios) por medio de... • http://secunia.com/advisories/32220 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 24%CPEs: 15EXPL: 0CVE-2008-3175
https://notcve.org/view.php?id=CVE-2008-3175
01 Aug 2008 — Integer underflow in rxRPC.dll in the LGServer service in the server in CA ARCserve Backup for Laptops and Desktops 11.0 through 11.5 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted message that triggers a buffer overflow. Subdesbordamiento de enteros en la biblioteca rxRPC.dll en el servicio LGServer en el servidor en CA ARCserve Backup versiones 11.0 hasta 11.5 para ordenadores Portátiles y Escritorios, permite a los atacantes remotos ejecutar código arbitrario... • http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063594.html • CWE-189: Numeric Errors •