Vulnerabilities > Broadcom > Brightstor Arcserve Backup Laptops Desktops > 4.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-10-01 | CVE-2007-5006 | Improper Authentication vulnerability in multiple products Multiple command handlers in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 do not verify if a peer is authenticated, which allows remote attackers to add and delete users, and start client restores. | 10.0 |
2007-10-01 | CVE-2007-5005 | Path Traversal vulnerability in multiple products Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\ (dot dot backslash) sequence in the destination filename argument to sub-function 8 in the rxrReceiveFileFromServer command. | 10.0 |
2007-10-01 | CVE-2007-5004 | Numeric Errors vulnerability in multiple products Integer overflow in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to execute arbitrary code via a long username and a certain "useless" password. | 9.3 |
2007-10-01 | CVE-2007-5003 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function. | 10.0 |