// For flags

CVE-2007-5331

 

Severity Score

10.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers.

La biblioteca Queue.dll para el servicio de colas de mensajes (LQserver.exe) en CA BrightStor ARCServe BackUp versión v9.01 hasta R11.5, y Enterprise Backup r10.5, permite a atacantes remotos ejecutar código arbitrario por medio de una petición de protocolo ONRPC malformada para la operación 0x76, lo que hace que ARCserve Backup elimine la referencia de punteros arbitrarios.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-10-10 CVE Reserved
  • 2007-10-12 CVE Published
  • 2024-07-09 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Broadcom
Search vendor "Broadcom"
Brightstor Arcserve Backup
Search vendor "Broadcom" for product "Brightstor Arcserve Backup"
9.01
Search vendor "Broadcom" for product "Brightstor Arcserve Backup" and version "9.01"
-
Affected
Broadcom
Search vendor "Broadcom"
Brightstor Arcserve Backup
Search vendor "Broadcom" for product "Brightstor Arcserve Backup"
11.1
Search vendor "Broadcom" for product "Brightstor Arcserve Backup" and version "11.1"
-
Affected
Broadcom
Search vendor "Broadcom"
Brightstor Arcserve Backup
Search vendor "Broadcom" for product "Brightstor Arcserve Backup"
11.5
Search vendor "Broadcom" for product "Brightstor Arcserve Backup" and version "11.5"
-
Affected
Broadcom
Search vendor "Broadcom"
Brightstor Enterprise Backup
Search vendor "Broadcom" for product "Brightstor Enterprise Backup"
10.5
Search vendor "Broadcom" for product "Brightstor Enterprise Backup" and version "10.5"
-
Affected
Broadcom
Search vendor "Broadcom"
Business Protection Suite
Search vendor "Broadcom" for product "Business Protection Suite"
2.0
Search vendor "Broadcom" for product "Business Protection Suite" and version "2.0"
-
Affected
Broadcom
Search vendor "Broadcom"
Server Protection Suite
Search vendor "Broadcom" for product "Server Protection Suite"
2
Search vendor "Broadcom" for product "Server Protection Suite" and version "2"
-
Affected
Ca
Search vendor "Ca"
Brightstor Arcserve Backup
Search vendor "Ca" for product "Brightstor Arcserve Backup"
11
Search vendor "Ca" for product "Brightstor Arcserve Backup" and version "11"
windows
Affected
Ca
Search vendor "Ca"
Business Protection Suite
Search vendor "Ca" for product "Business Protection Suite"
2.0
Search vendor "Ca" for product "Business Protection Suite" and version "2.0"
microsoft_small_business_server_premium
Affected
Ca
Search vendor "Ca"
Business Protection Suite
Search vendor "Ca" for product "Business Protection Suite"
2.0
Search vendor "Ca" for product "Business Protection Suite" and version "2.0"
microsoft_small_business_server_standard
Affected