Back to CVE Browser

CVE-2007-5005

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0740%

EPSS Percentile10.32th

PublishedOct 1, 2007

Last ModifiedApr 23, 2026

Vulnerability Description

Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\ (dot dot backslash) sequence in the destination filename argument to sub-function 8 in the rxrReceiveFileFromServer command.

Affected Platforms (CPE)

📦

Broadcom

Brightstor Arcserve Backup Laptops Desktops

= 4.0

📦

Broadcom

Brightstor Arcserve Backup Laptops Desktops

= 11.0

📦

Broadcom

Brightstor Arcserve Backup Laptops Desktops

= 11.1

📦

Broadcom

Brightstor Arcserve Backup Laptops Desktops

= 11.1

📦

Broadcom

Brightstor Arcserve Backup Laptops Desktops

= 11.5

📦

Broadcom

Desktop Management Suite

= 11.0

📦

Broadcom

Desktop Management Suite

= 11.1

📦

Broadcom

Desktop Management Suite

= 11.2

📦

Ca

Protection Suites

= r2

References & Advisories

🔗 http://research.eeye.com/html/advisories/published/AD20070920.html

🔗 http://secunia.com/advisories/25606

🔗 http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp

🔗 http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006

🔗 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35676

🔗 http://www.securityfocus.com/archive/1/480252/100/100/threaded

🔗 http://www.securityfocus.com/bid/24348

🔗 http://www.securitytracker.com/id?1018728

Related Vulnerabilities

CVE-2007-500310.0

Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 throug...

CVE-2007-044910.0

Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.1 SP1, Mobil...

CVE-2007-321610.0

Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktop...

CVE-2007-500610.0

Multiple command handlers in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 do n...