CyberSec.Space Logo
Back to CVE Browser

CVE-2008-0457

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1770%
EPSS Percentile6.47th
PublishedFeb 7, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors.

Affected Platforms (CPE)

πŸ“¦
Symantec

Backupexec System Recovery

= 7.0
πŸ“¦
Symantec

Backupexec System Recovery

= 7.01

References & Advisories

πŸ”— http://secunia.com/advisories/28787
πŸ”— http://seer.entsupport.symantec.com/docs/297171.htm
πŸ”— http://www.securityfocus.com/archive/1/487688/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/27487
πŸ”— http://www.securitytracker.com/id?1019303
πŸ”— http://www.symantec.com/avcenter/security/Content/2008.02.04.html
πŸ”— http://www.vupen.com/english/advisories/2008/0413
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-08-003.html

Related Vulnerabilities

CVE-2007-23597.2

Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and Backup...

CVE-2007-23606.8

Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote bac...

CVE-2007-23614.9

Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote bac...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...