Vulnerability Description
Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Broadcom | Alert Notification Server | All versions |
| Broadcom | Brightstor Arcserve Backup | 9.01 |
| Broadcom | Brightstor Enterprise Backup | 10.5 |
| Ca | Anti-Virus For The Enterprise | 8 |
| Ca | Brightstor Arcserve Backup | 11 |
| Ca | Brightstor Arcserve Client | All versions |
| Ca | Protection Suites | r3 |
| Ca | Threat Manager | 8 |
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=561Vendor Advisory
- http://secunia.com/advisories/26088PatchVendor Advisory
- http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-secnotice.asPatch
- http://www.securityfocus.com/bid/24947
- http://www.securitytracker.com/id?1018402
- http://www.securitytracker.com/id?1018403
- http://www.securitytracker.com/id?1018404
- http://www.securitytracker.com/id?1018405
- http://www.securitytracker.com/id?1018406
- http://www.vupen.com/english/advisories/2007/2559
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35467
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=561Vendor Advisory
- http://secunia.com/advisories/26088PatchVendor Advisory
- http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-secnotice.asPatch
- http://www.securityfocus.com/bid/24947
FAQ
What is CVE-2007-3825?
CVE-2007-3825 is a vulnerability with a CVSS score of 9.3 (HIGH). Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterpri...
How severe is CVE-2007-3825?
CVE-2007-3825 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3825?
Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Alert Notification Server, Broadcom Brightstor Arcserve Backup, Broadcom Brightstor Enterprise Backup, Ca Anti-Virus For The Enterprise, Ca Brightstor Arcserve Backup.