CVE-2007-5327 - Vulnerability Details

Vendors	Products
Broadcom	Brightstor Arcserve Backup Brightstor Enterprise Backup

Link	Providers
http://ruder.cdut.net/blogview.asp?logID=231
http://secunia.com/advisories/27192
http://securityreason.com/securityalert/3218
http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp
http://www.fortiguardcenter.com/advisory/FGA-2007-11.html
http://www.securityfocus.com/archive/1/482112/100/0/threaded
http://www.securityfocus.com/archive/1/482121/100/0/threaded
http://www.securityfocus.com/bid/26015
http://www.securitytracker.com/id?1018805
http://www.vupen.com/english/advisories/2007/3470
https://exchange.xforce.ibmcloud.com/vulnerabilities/37064
https://exchange.xforce.ibmcloud.com/vulnerabilities/37065

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-10-11T00:00:00", "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ca-brightstor-rpc-rpcx-bo(37064)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37064"}, {"name": "27192", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27192"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"}, {"name": "3218", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3218"}, {"tags": ["x_refsource_MISC"], "url": "http://ruder.cdut.net/blogview.asp?logID=231"}, {"name": "20071011 CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/482112/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://www.fortiguardcenter.com/advisory/FGA-2007-11.html"}, {"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"}, {"name": "ca-brightstor-messageengine-bo(37065)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37065"}, {"name": "26015", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26015"}, {"name": "1018805", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018805"}, {"name": "ADV-2007-3470", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/3470"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5327", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ca-brightstor-rpc-rpcx-bo(37064)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37064"}, {"name": "27192", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27192"}, {"name": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp", "refsource": "CONFIRM", "url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"}, {"name": "3218", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3218"}, {"name": "http://ruder.cdut.net/blogview.asp?logID=231", "refsource": "MISC", "url": "http://ruder.cdut.net/blogview.asp?logID=231"}, {"name": "20071011 CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/482112/100/0/threaded"}, {"name": "http://www.fortiguardcenter.com/advisory/FGA-2007-11.html", "refsource": "MISC", "url": "http://www.fortiguardcenter.com/advisory/FGA-2007-11.html"}, {"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"}, {"name": "ca-brightstor-messageengine-bo(37065)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37065"}, {"name": "26015", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26015"}, {"name": "1018805", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018805"}, {"name": "ADV-2007-3470", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3470"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:24:42.475Z"}, "title": "CVE Program Container", "references": [{"name": "ca-brightstor-rpc-rpcx-bo(37064)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37064"}, {"name": "27192", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27192"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"}, {"name": "3218", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/3218"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://ruder.cdut.net/blogview.asp?logID=231"}, {"name": "20071011 CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/482112/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.fortiguardcenter.com/advisory/FGA-2007-11.html"}, {"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"}, {"name": "ca-brightstor-messageengine-bo(37065)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37065"}, {"name": "26015", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/26015"}, {"name": "1018805", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1018805"}, {"name": "ADV-2007-3470", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/3470"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5327", "datePublished": "2007-10-13T00:00:00", "dateReserved": "2007-10-10T00:00:00", "dateUpdated": "2024-08-07T15:24:42.475Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2007-10-11T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2018-10-15T20:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : ca-brightstor-rpc-rpcx-bo(37064) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/37064 (string)

}

1 : { »

name : 27192 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/27192 (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp (string)

}

3 : { »

name : 3218 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SREASON (string)

]

url : http://securityreason.com/securityalert/3218 (string)

}

4 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : http://ruder.cdut.net/blogview.asp?logID=231 (string)

}

5 : { »

name : 20071011 CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

]

url : http://www.securityfocus.com/archive/1/482112/100/0/threaded (string)

}

6 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : http://www.fortiguardcenter.com/advisory/FGA-2007-11.html (string)

}

7 : { »

name : 20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

]

url : http://www.securityfocus.com/archive/1/482121/100/0/threaded (string)

}

8 : { »

name : ca-brightstor-messageengine-bo(37065) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/37065 (string)

}

9 : { »

name : 26015 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/26015 (string)

}

10 : { »

name : 1018805 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id?1018805 (string)

}

11 : { »

name : ADV-2007-3470 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2007/3470 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2007-5327 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : ca-brightstor-rpc-rpcx-bo(37064) (string)

refsource : XF (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/37064 (string)

}

1 : { »

name : 27192 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/27192 (string)

}

2 : { »

name : http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp (string)

refsource : CONFIRM (string)

url : http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp (string)

}

3 : { »

name : 3218 (string)

refsource : SREASON (string)

url : http://securityreason.com/securityalert/3218 (string)

}

4 : { »

name : http://ruder.cdut.net/blogview.asp?logID=231 (string)

refsource : MISC (string)

url : http://ruder.cdut.net/blogview.asp?logID=231 (string)

}

5 : { »

name : 20071011 CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability (string)

refsource : BUGTRAQ (string)

url : http://www.securityfocus.com/archive/1/482112/100/0/threaded (string)

}

6 : { »

name : http://www.fortiguardcenter.com/advisory/FGA-2007-11.html (string)

refsource : MISC (string)

url : http://www.fortiguardcenter.com/advisory/FGA-2007-11.html (string)

}

7 : { »

name : 20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities (string)

refsource : BUGTRAQ (string)

url : http://www.securityfocus.com/archive/1/482121/100/0/threaded (string)

}

8 : { »

name : ca-brightstor-messageengine-bo(37065) (string)

refsource : XF (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/37065 (string)

}

9 : { »

name : 26015 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/26015 (string)

}

10 : { »

name : 1018805 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id?1018805 (string)

}

11 : { »

name : ADV-2007-3470 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2007/3470 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-07T15:24:42.475Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : ca-brightstor-rpc-rpcx-bo(37064) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

2 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/37064 (string)

}

1 : { »

name : 27192 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/27192 (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp (string)

}

3 : { »

name : 3218 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SREASON (string)

2 : x_transferred (string)

]

url : http://securityreason.com/securityalert/3218 (string)

}

4 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : http://ruder.cdut.net/blogview.asp?logID=231 (string)

}

5 : { »

name : 20071011 CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/archive/1/482112/100/0/threaded (string)

}

6 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : http://www.fortiguardcenter.com/advisory/FGA-2007-11.html (string)

}

7 : { »

name : 20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/archive/1/482121/100/0/threaded (string)

}

8 : { »

name : ca-brightstor-messageengine-bo(37065) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

2 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/37065 (string)

}

9 : { »

name : 26015 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/26015 (string)

}

10 : { »

name : 1018805 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id?1018805 (string)

}

11 : { »

name : ADV-2007-3470 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2007/3470 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2007-5327 (string)

datePublished : 2007-10-13T00:00:00 (string)

dateReserved : 2007-10-10T00:00:00 (string)

dateUpdated : 2024-08-07T15:24:42.475Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*", "matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "443AB333-2C99-42FF-8F4E-A487BF588E85", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:*:*:*:*:*:*:*", "matchCriteriaId": "8C339825-77F9-478A-B1F7-A297D5715396", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*", "matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "78AA54EA-DAF1-4635-AA1B-E2E49C4BB597", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en el interfaz RPC para el Message Engine (mediasvr.exe) en el  CA BrightStor ARCServe BackUp v9.01 hasta la R11.5 y el Enterprise Backup r10.5, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de la inclusi\u00f3n de un argumento largo en el 0x10d opnum."}], "id": "CVE-2007-5327", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-10-13T00:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://ruder.cdut.net/blogview.asp?logID=231"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/27192"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3218"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.fortiguardcenter.com/advisory/FGA-2007-11.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/482112/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26015"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1018805"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/3470"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37064"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37065"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://ruder.cdut.net/blogview.asp?logID=231"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27192"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/3218"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.fortiguardcenter.com/advisory/FGA-2007-11.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/482112/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/26015"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1018805"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3470"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37064"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37065"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:* (string)

matchCriteriaId : F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:broadcom:brightstor_arcserve_backup:10.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 443AB333-2C99-42FF-8F4E-A487BF588E85 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:*:*:*:*:*:*:* (string)

matchCriteriaId : 8C339825-77F9-478A-B1F7-A297D5715396 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:* (string)

matchCriteriaId : E37161BE-6AF5-40E0-BD63-2C17431D8B36 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 477EE032-D183-478F-A2BF-6165277A7414 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 78AA54EA-DAF1-4635-AA1B-E2E49C4BB597 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum. (string)

}

1 : { »

lang : es (string)

value : Desbordamiento de búfer basado en pila en el interfaz RPC para el Message Engine (mediasvr.exe) en el CA BrightStor ARCServe BackUp v9.01 hasta la R11.5 y el Enterprise Backup r10.5, permite a atacantes remotos ejecutar código de su elección a través de la inclusión de un argumento largo en el 0x10d opnum. (string)

}

]

id : CVE-2007-5327 (string)

lastModified : 2025-04-09T00:30:58.490 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 10 (number)

confidentialityImpact : COMPLETE (string)

integrityImpact : COMPLETE (string)

vectorString : AV:N/AC:L/Au:N/C:C/I:C/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 10 (number)

obtainAllPrivilege : true (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2007-10-13T00:17:00.000 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

url : http://ruder.cdut.net/blogview.asp?logID=231 (string)

}

1 : { »

source : cve@mitre.org (string)

url : http://secunia.com/advisories/27192 (string)

}

2 : { »

source : cve@mitre.org (string)

url : http://securityreason.com/securityalert/3218 (string)

}

3 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Patch (string)

]

url : http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp (string)

}

4 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.fortiguardcenter.com/advisory/FGA-2007-11.html (string)

}

5 : { »

source : cve@mitre.org (string)

url : http://www.securityfocus.com/archive/1/482112/100/0/threaded (string)

}

6 : { »

source : cve@mitre.org (string)

url : http://www.securityfocus.com/archive/1/482121/100/0/threaded (string)

}

7 : { »

source : cve@mitre.org (string)

url : http://www.securityfocus.com/bid/26015 (string)

}

8 : { »

source : cve@mitre.org (string)

url : http://www.securitytracker.com/id?1018805 (string)

}

9 : { »

source : cve@mitre.org (string)

url : http://www.vupen.com/english/advisories/2007/3470 (string)

}

10 : { »

source : cve@mitre.org (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/37064 (string)

}

11 : { »

source : cve@mitre.org (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/37065 (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://ruder.cdut.net/blogview.asp?logID=231 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://secunia.com/advisories/27192 (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://securityreason.com/securityalert/3218 (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.fortiguardcenter.com/advisory/FGA-2007-11.html (string)

}

17 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/archive/1/482112/100/0/threaded (string)

}

18 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/archive/1/482121/100/0/threaded (string)

}

19 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/bid/26015 (string)

}

20 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securitytracker.com/id?1018805 (string)

}

21 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.vupen.com/english/advisories/2007/3470 (string)

}

22 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/37064 (string)

}

23 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/37065 (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-119 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object