1. Home
  2. CVE Database
  3. CVE-2007-5331
HIGH · 10.0

CVE-2007-5331

Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malf...

Vulnerability Description

Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
BroadcomBrightstor Arcserve Backup9.01
BroadcomBrightstor Enterprise Backup10.5
BroadcomBusiness Protection Suite2.0
BroadcomServer Protection Suite2
CaBrightstor Arcserve Backup11
CaBusiness Protection Suite2.0

Related Weaknesses (CWE)

CWE-94

References

FAQ

What is CVE-2007-5331?

CVE-2007-5331 is a vulnerability with a CVSS score of 10.0 (HIGH). Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malf...

How severe is CVE-2007-5331?

CVE-2007-5331 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-5331?

Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Brightstor Arcserve Backup, Broadcom Brightstor Enterprise Backup, Broadcom Business Protection Suite, Broadcom Server Protection Suite, Ca Brightstor Arcserve Backup.