Vulnerabilities > Symantec > Backup Exec FOR Windows Server > Critical

DATE CVE VULNERABILITY TITLE RISK
2008-12-10 CVE-2008-5407 Improper Authentication vulnerability in Symantec Backup Exec for Windows Server 11D/12.0/12.5
Multiple unspecified vulnerabilities in the Backup Exec remote-agent logon process in Symantec Backup Exec for Windows Servers 11.0 (aka 11d) builds 6235 and 7170, 12.0 build 1364, and 12.5 build 2213 allow remote attackers to bypass authentication, and read or delete files, via unknown vectors.
network
low complexity
symantec CWE-287
critical
9.4
2008-12-10 CVE-2008-5408 Buffer Errors vulnerability in Symantec Backup Exec for Windows Server 11D/12.0/12.5
Buffer overflow in the data management protocol in Symantec Backup Exec for Windows Servers 11.0 (aka 11d) builds 6235 and 7170, 12.0 build 1364, and 12.5 build 2213 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors.
network
low complexity
symantec CWE-119
critical
9.0
2008-02-29 CVE-2007-6016 Buffer Errors vulnerability in Symantec Backup Exec for Windows Server 11D/12.0
Multiple stack-based buffer overflows in the PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in the scheduler component in the Media Server in Symantec Backup Exec for Windows Server (BEWS) 11d 11.0.6235 and 11.0.7170, and 12.0 12.0.1364, allow remote attackers to execute arbitrary code via a long (1) _DOWText0, (2) _DOWText1, (3) _DOWText2, (4) _DOWText3, (5) _DOWText4, (6) _DOWText5, (7) _DOWText6, (8) _MonthText0, (9) _MonthText1, (10) _MonthText2, (11) _MonthText3, (12) _MonthText4, (13) _MonthText5, (14) _MonthText6, (15) _MonthText7, (16) _MonthText8, (17) _MonthText9, (18) _MonthText10, or (19) _MonthText11 property value when executing the Save method.
network
symantec CWE-119
critical
9.3