CVSS: 10.0EPSS: 24%CPEs: 15EXPL: 0CVE-2008-3175 – assurent-caarcserve.txt
https://notcve.org/view.php?id=CVE-2008-3175
31 Jul 2008 — Integer underflow in rxRPC.dll in the LGServer service in the server in CA ARCserve Backup for Laptops and Desktops 11.0 through 11.5 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted message that triggers a buffer overflow. Subdesbordamiento de enteros en la biblioteca rxRPC.dll en el servicio LGServer en el servidor en CA ARCserve Backup versiones 11.0 hasta 11.5 para ordenadores Portátiles y Escritorios, permite a los atacantes remotos ejecutar código arbitrario... • http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063594.html • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 42%CPEs: 30EXPL: 0CVE-2008-1786 – cadsm-activex.txt
https://notcve.org/view.php?id=CVE-2008-1786
16 Apr 2008 — The DSM gui_cm_ctrls ActiveX control (gui_cm_ctrls.ocx), as used in multiple CA products including BrightStor ARCServe Backup for Laptops and Desktops r11.5, Desktop Management Suite r11.1 through r11.2 C2; Unicenter r11.1 through r11.2 C2; and Desktop and Server Management r11.1 through r11.2 C2 allows remote attackers to execute arbitrary code via crafted function arguments. El control ActiveX DSM gui_cm_ctrls (archivo gui_cm_ctrls.ocx), tal y como es usado en distintos productos de CA, incluyendo a Brigh... • http://community.ca.com/blogs/casecurityresponseblog/archive/2008/04/16/ca-dsm-gui-cm-ctrls-activex-control-vulnerability.aspx • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 16%CPEs: 8EXPL: 0CVE-2008-1328 – CAarc-multi.txt
https://notcve.org/view.php?id=CVE-2008-1328
05 Apr 2008 — Buffer overflow in the LGServer service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary code via unspecified "command arguments." Desbordamiento de Búfer del Servicio LGServer de CA ARCserve Backup for Laptops and Desktops versiones de la r11.0 a la r11.5 y Suite 11.1 and 11.2, permite a atacantes remotos ejecutar código de su elección a través de argumentos de comando no especificados. CA ARCserve Backup for Laptops a... • http://securityreason.com/securityalert/3800 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 4%CPEs: 8EXPL: 0CVE-2008-1329 – CAarc-multi.txt
https://notcve.org/view.php?id=CVE-2008-1329
05 Apr 2008 — Unspecified vulnerability in the NetBackup service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary commands, related to "insufficient verification of file uploads." Vulnerabilidad no especificada del servicio NetBackup de CA ARCserve Backup for Laptops and Desktops versiones de la r11.0 a la r11.5 y Suite 11.1 and 11.2, permite a atacantes remotos ejecutar comandos de su elección, relacionado con “subidas de archivos s... • http://securityreason.com/securityalert/3800 •
CVSS: 9.8EPSS: 76%CPEs: 30EXPL: 4CVE-2008-1472 – CA BrightStor ARCserve Backup - 'AddColumn()' ActiveX Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-1472
24 Mar 2008 — Stack-based buffer overflow in the ListCtrl ActiveX Control (ListCtrl.ocx), as used in multiple CA products including BrightStor ARCserve Backup R11.5, Desktop Management Suite r11.1 through r11.2, and Unicenter products r11.1 through r11.2, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long argument to the AddColumn method. Un desbordamiento de búfer en la región stack de la memoria en el control ActiveX ListCtrl (ListCtrl.ocx), como es usado en varios product... • https://packetstorm.news/files/id/82950 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 82%CPEs: 9EXPL: 2CVE-2007-5003 – CA BrightStor ARCserve for Laptops & Desktops LGServer - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-5003
25 Sep 2007 — Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function. Múltiples desbordamientos de búfer basado en pila en CA (Computer Associates) BrightStor ARCserve Backup para Portátil y Sobremesa r11.0 hasta r11.5 permiten a atacantes remotos ejecutar... • https://packetstorm.news/files/id/83198 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 13%CPEs: 9EXPL: 0CVE-2007-5004 – CAID-backup.txt
https://notcve.org/view.php?id=CVE-2007-5004
25 Sep 2007 — Integer overflow in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to execute arbitrary code via a long username and a certain "useless" password. Desbordamiento de entero en en pila en CA (Computer Associates) BrightStor ARCserve Backup para Portátil y Sobremesa r11.0 hasta r11.5 permite a atacantes remotos ejecutar código de su elección mediante un nombre de usuario largo y determinadas contraseñas "sin uso". CA ARCserve Backup for ... • http://research.eeye.com/html/advisories/published/AD20070920.html • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 3%CPEs: 9EXPL: 0CVE-2007-5005 – CAID-backup.txt
https://notcve.org/view.php?id=CVE-2007-5005
25 Sep 2007 — Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\ (dot dot backslash) sequence in the destination filename argument to sub-function 8 in the rxrReceiveFileFromServer command. Vulnerabilidad de salto de directorio en rxRPC.dll de CA (Computer Associates) BrightStor ARCserve Backup para Portátil y Sobremesa r11.0 hasta r11.5 permite a atacan... • http://research.eeye.com/html/advisories/published/AD20070920.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 1%CPEs: 9EXPL: 0CVE-2007-5006 – CAID-backup.txt
https://notcve.org/view.php?id=CVE-2007-5006
25 Sep 2007 — Multiple command handlers in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 do not verify if a peer is authenticated, which allows remote attackers to add and delete users, and start client restores. Múltiples gestores de comandos de CA (Computer Associates) BrightStor ARCserve Backup para Portátil y Sobremesa r11.0 hasta r11.5 no verifican si un par está autenticado, lo cual permite a atacantes remotos añadir y borrar usuarios, e inicializar recuperaciones ... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=598 • CWE-287: Improper Authentication •