CyberSec.Space Logo
Back to CVE Browser

CVE-2007-5328

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0380%
EPSS Percentile21.94th
PublishedOct 13, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows attackers to execute arbitrary code by using certain "insecure method calls" to modify the file system and registry, aka "Privileged function exposure."

Affected Platforms (CPE)

πŸ“¦
Broadcom

Brightstor Arcserve Backup

= 9.01
πŸ“¦
Broadcom

Brightstor Arcserve Backup

= 10.5
πŸ“¦
Broadcom

Brightstor Arcserve Backup

= 11
πŸ“¦
Broadcom

Brightstor Arcserve Backup

= 11.1
πŸ“¦
Broadcom

Brightstor Arcserve Backup

= 11.5
πŸ“¦
Broadcom

Brightstor Enterprise Backup

= 10.5

References & Advisories

πŸ”— http://secunia.com/advisories/27192
πŸ”— http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp
πŸ”— http://www.securityfocus.com/archive/1/482121/100/0/threaded
πŸ”— http://www.securityfocus.com/archive/1/484229/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/26015
πŸ”— http://www.securitytracker.com/id?1018805
πŸ”— http://www.vupen.com/english/advisories/2007/3470
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-07-069.html

Related Vulnerabilities

CVE-2005-026010.0

Stack-based buffer overflow in the Discovery Service for BrightStor ARCserve Backup 11.1 and earlier allows remote attackers to ex...

CVE-2006-607610.0

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier ...

CVE-2005-169310.0

Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, e...

CVE-2006-691710.0

Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers t...