Vulnerability Description
The DSM gui_cm_ctrls ActiveX control (gui_cm_ctrls.ocx), as used in multiple CA products including BrightStor ARCServe Backup for Laptops and Desktops r11.5, Desktop Management Suite r11.1 through r11.2 C2; Unicenter r11.1 through r11.2 C2; and Desktop and Server Management r11.1 through r11.2 C2 allows remote attackers to execute arbitrary code via crafted function arguments.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Computer Associates | Arcserve Backup Laptops And Desktops | r11.5 |
| Computer Associates | Desktop And Server Management | r11.1 |
| Computer Associates | Desktop Management Suite | r11.2 |
| Computer Associates | Unicenter Asset Management | r11.1 |
| Computer Associates | Unicenter Desktop Management Bundle | r11.1 |
| Computer Associates | Unicenter Remote Control | r11.1 |
| Computer Associates | Unicenter Software Delivery | r11.1 |
Related Weaknesses (CWE)
References
- http://community.ca.com/blogs/casecurityresponseblog/archive/2008/04/16/ca-dsm-gPatchVendor Advisory
- http://secunia.com/advisories/29837Vendor Advisory
- http://www.kb.cert.org/vuls/id/684883US Government Resource
- http://www.securityfocus.com/archive/1/490959/100/0/threaded
- http://www.securityfocus.com/bid/28809Patch
- http://www.securitytracker.com/id?1019872
- http://www.vupen.com/english/advisories/2008/1249/referencesVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41853
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=174256PatchVendor Advisory
- http://community.ca.com/blogs/casecurityresponseblog/archive/2008/04/16/ca-dsm-gPatchVendor Advisory
- http://secunia.com/advisories/29837Vendor Advisory
- http://www.kb.cert.org/vuls/id/684883US Government Resource
- http://www.securityfocus.com/archive/1/490959/100/0/threaded
- http://www.securityfocus.com/bid/28809Patch
- http://www.securitytracker.com/id?1019872
FAQ
What is CVE-2008-1786?
CVE-2008-1786 is a vulnerability with a CVSS score of 9.3 (HIGH). The DSM gui_cm_ctrls ActiveX control (gui_cm_ctrls.ocx), as used in multiple CA products including BrightStor ARCServe Backup for Laptops and Desktops r11.5, Desktop Management Suite r11.1 through r11...
How severe is CVE-2008-1786?
CVE-2008-1786 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1786?
Check the references section above for vendor advisories and patch information. Affected products include: Computer Associates Arcserve Backup Laptops And Desktops, Computer Associates Desktop And Server Management, Computer Associates Desktop Management Suite, Computer Associates Unicenter Asset Management, Computer Associates Unicenter Desktop Management Bundle.