Vulnerabilities > Broadcom > Business Protection Suite > Critical

DATE CVE VULNERABILITY TITLE RISK
2008-10-14 CVE-2008-4397 Improper Input Validation vulnerability in multiple products
Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a ..
network
low complexity
broadcom ca CWE-20
critical
10.0
2007-10-13 CVE-2007-5326 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.
network
low complexity
broadcom ca CWE-119
critical
10.0
2007-10-13 CVE-2007-5329 Resource Management Errors vulnerability in multiple products
Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption.
network
low complexity
broadcom ca CWE-399
critical
10.0
2007-10-13 CVE-2007-5331 Code Injection vulnerability in multiple products
Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers.
network
low complexity
broadcom ca CWE-94
critical
10.0
2007-04-25 CVE-2007-2139 Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785.
network
low complexity
broadcom ca
critical
10.0
2007-01-23 CVE-2007-0449 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Broadcom products
Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.1 SP1, Mobile Backup r4.0, Desktop and Business Protection Suite r2, and Desktop Management Suite (DMS) r11.0 and r11.1 allow remote attackers to execute arbitrary code via crafted packets to TCP port (1) 1900 or (2) 2200.
network
low complexity
broadcom CWE-119
critical
10.0