ID CVE-2007-3825
Summary Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures.
References
Vulnerable Configurations
  • cpe:2.3:a:ca:alert_notification_server:*:*:*:*:*:*:*:*
    cpe:2.3:a:ca:alert_notification_server:*:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:anti-virus_for_the_enterprise:8:*:enterprise:*:*:*:*:*
    cpe:2.3:a:ca:anti-virus_for_the_enterprise:8:*:enterprise:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_client:*:*:windows:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_client:*:*:windows:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*
    cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:threat_manager:8:*:enterprise:*:*:*:*:*
    cpe:2.3:a:ca:threat_manager:8:*:enterprise:*:*:*:*:*
CVSS
Base: 9.3 (as of 29-07-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
refmap via4
bid 24947
confirm http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-secnotice.asp
idefense 20070717 Computer Associates Alert Notification Server Multiple Buffer Overflow Vulnerabilities
sectrack
  • 1018402
  • 1018403
  • 1018404
  • 1018405
  • 1018406
secunia 26088
vupen ADV-2007-2559
xf ca-alertnotification-bo(35467)
saint via4
bid 24947
description Computer Associates Alert Notification Server buffer overflow
id misc_caalert
osvdb 36096
title ca_alert_server
type remote
Last major update 29-07-2017 - 01:32
Published 18-07-2007 - 23:30
Last modified 29-07-2017 - 01:32
Back to Top