Vulnerability Description
Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Broadcom | Brightstor Arcserve Backup | 9.01 |
| Broadcom | Business Protection Suite | 2.0 |
| Broadcom | Server Protection Suite | 2 |
| Ca | Brightstor Arcserve Backup | 11 |
| Ca | Business Protection Suite | 2.0 |
References
- http://osvdb.org/35326
- http://secunia.com/advisories/24972
- http://securityreason.com/securityalert/2628
- http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp
- http://www.kb.cert.org/vuls/id/979825US Government Resource
- http://www.securityfocus.com/archive/1/466790/100/0/threaded
- http://www.securityfocus.com/bid/23635Patch
- http://www.securitytracker.com/id?1017952
- http://www.vupen.com/english/advisories/2007/1529
- http://www.zerodayinitiative.com/advisories/ZDI-07-022.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33854
- http://osvdb.org/35326
- http://secunia.com/advisories/24972
- http://securityreason.com/securityalert/2628
- http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp
FAQ
What is CVE-2007-2139?
CVE-2007-2139 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightS...
How severe is CVE-2007-2139?
CVE-2007-2139 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2139?
Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Brightstor Arcserve Backup, Broadcom Business Protection Suite, Broadcom Server Protection Suite, Ca Brightstor Arcserve Backup, Ca Business Protection Suite.