Vulnerabilities > Broadcom

DATE CVE VULNERABILITY TITLE RISK
2007-01-23 CVE-2007-0449 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Broadcom products
Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.1 SP1, Mobile Backup r4.0, Desktop and Business Protection Suite r2, and Desktop Management Suite (DMS) r11.0 and r11.1 allow remote attackers to execute arbitrary code via crafted packets to TCP port (1) 1900 or (2) 2200.
network
low complexity
broadcom CWE-119
critical
10.0
2007-01-16 CVE-2006-5172 Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the "Mediasvr.exe String Handling Overflow," a different vulnerability than CVE-2006-5171.
network
low complexity
broadcom ca
critical
10.0
2007-01-16 CVE-2006-5171 Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the "Mediasvr.exe Overflow," a different vulnerability than CVE-2006-5172.
network
low complexity
broadcom ca
critical
10.0
2007-01-11 CVE-2007-0169 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Broadcom products
Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service, or opnum (3) 0xCF in the Tape Engine service.
network
low complexity
broadcom CWE-119
7.5
2007-01-11 CVE-2007-0168 Unspecified vulnerability in Broadcom products
The Tape Engine service in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allows remote attackers to execute arbitrary code via certain data in opnum 0xBF in an RPC request, which is directly executed.
network
low complexity
broadcom
7.5
2006-12-31 CVE-2006-6917 Unspecified vulnerability in Broadcom Brightstor Arcserve Backup Server 11.5
Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers to execute arbitrary code in the Tape Engine (tapeeng.exe) via a crafted RPC request with (1) opnum 38, which is not properly handled in TAPEUTIL.dll 11.5.3884.0, or (2) opnum 37, which is not properly handled in TAPEENG.dll 11.5.3884.0.
network
low complexity
broadcom
critical
10.0
2006-12-31 CVE-2006-6905 Remote Security vulnerability in Widcomm Bluetooth
Unspecified vulnerability in the Widcomm Bluetooth stack allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors.
network
low complexity
broadcom
critical
10.0
2006-12-31 CVE-2006-6904 Remote Security vulnerability in Bluetooth Stack
Unspecified vulnerability in the Broadcom Bluetooth stack allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors.
7.9
2006-12-31 CVE-2006-6898 Remote Security vulnerability in Broadcom Widcomm Bluetooth 4.0.1.1500
Widcomm Bluetooth for Windows (BTW) before 4.0.1.1500 allows remote attackers to listen to and record conversations, aka the CarWhisperer attack.
network
low complexity
broadcom
7.8
2006-12-20 CVE-2006-6641 Unspecified vulnerability in CA CleverPath Portal before maintenance version 4.71.001_179_060830, as used in multiple products including BrightStor Portal r11.1, CleverPath Aion BPM r10 through r10.2, eTrust Security Command Center r1 and r8, and Unicenter, does not properly handle when multiple Portal servers are started at the same time and share the same data store, which might cause a Portal user to inherit the session and credentials of a user who is on another Portal server.
network
low complexity
arcserve broadcom cleverpath etrust unicenter
7.5