Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2007-3825

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-18 Jul, 2007 | 23:00
Updated At-07 Aug, 2024 | 14:28
Rejected At-
Credits

Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:18 Jul, 2007 | 23:00
Updated At:07 Aug, 2024 | 14:28
Rejected At:
▼CVE Numbering Authority (CNA)

Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/26088
third-party-advisory
x_refsource_SECUNIA
http://www.securitytracker.com/id?1018405
vdb-entry
x_refsource_SECTRACK
http://www.securitytracker.com/id?1018402
vdb-entry
x_refsource_SECTRACK
http://www.securitytracker.com/id?1018404
vdb-entry
x_refsource_SECTRACK
http://www.securityfocus.com/bid/24947
vdb-entry
x_refsource_BID
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=561
third-party-advisory
x_refsource_IDEFENSE
http://www.securitytracker.com/id?1018406
vdb-entry
x_refsource_SECTRACK
http://www.securitytracker.com/id?1018403
vdb-entry
x_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/35467
vdb-entry
x_refsource_XF
http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-secnotice.asp
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2007/2559
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/26088
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securitytracker.com/id?1018405
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.securitytracker.com/id?1018402
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.securitytracker.com/id?1018404
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.securityfocus.com/bid/24947
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=561
Resource:
third-party-advisory
x_refsource_IDEFENSE
Hyperlink: http://www.securitytracker.com/id?1018406
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.securitytracker.com/id?1018403
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/35467
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-secnotice.asp
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vupen.com/english/advisories/2007/2559
Resource:
vdb-entry
x_refsource_VUPEN
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/26088
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securitytracker.com/id?1018405
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.securitytracker.com/id?1018402
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.securitytracker.com/id?1018404
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.securityfocus.com/bid/24947
vdb-entry
x_refsource_BID
x_transferred
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=561
third-party-advisory
x_refsource_IDEFENSE
x_transferred
http://www.securitytracker.com/id?1018406
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.securitytracker.com/id?1018403
vdb-entry
x_refsource_SECTRACK
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/35467
vdb-entry
x_refsource_XF
x_transferred
http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-secnotice.asp
x_refsource_CONFIRM
x_transferred
http://www.vupen.com/english/advisories/2007/2559
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/26088
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securitytracker.com/id?1018405
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.securitytracker.com/id?1018402
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.securitytracker.com/id?1018404
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.securityfocus.com/bid/24947
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=561
Resource:
third-party-advisory
x_refsource_IDEFENSE
x_transferred
Hyperlink: http://www.securitytracker.com/id?1018406
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.securitytracker.com/id?1018403
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/35467
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-secnotice.asp
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/2559
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:18 Jul, 2007 | 23:30
Updated At:07 Apr, 2021 | 18:20

Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.09.3HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 9.3
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CPE Matches
Broadcom Inc.
broadcom
>>alert_notification_server>>*
cpe:2.3:a:broadcom:alert_notification_server:*:*:*:*:*:*:*:*
Broadcom Inc.
broadcom
>>brightstor_arcserve_backup>>9.01
cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
Broadcom Inc.
broadcom
>>brightstor_arcserve_backup>>11.1
cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
Broadcom Inc.
broadcom
>>brightstor_arcserve_backup>>11.5
cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
Broadcom Inc.
broadcom
>>brightstor_enterprise_backup>>10.5
cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*
CA Technologies (Broadcom Inc.)
ca
>>anti-virus_for_the_enterprise>>8
cpe:2.3:a:ca:anti-virus_for_the_enterprise:8:*:enterprise:*:*:*:*:*
CA Technologies (Broadcom Inc.)
ca
>>brightstor_arcserve_backup>>11
cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*
CA Technologies (Broadcom Inc.)
ca
>>brightstor_arcserve_client>>*
cpe:2.3:a:ca:brightstor_arcserve_client:*:*:windows:*:*:*:*:*
CA Technologies (Broadcom Inc.)
ca
>>protection_suites>>r3
cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*
CA Technologies (Broadcom Inc.)
ca
>>threat_manager>>8
cpe:2.3:a:ca:threat_manager:8:*:enterprise:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=561cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/26088cve@mitre.org
Patch
Vendor Advisory
http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-secnotice.aspcve@mitre.org
Patch
http://www.securityfocus.com/bid/24947cve@mitre.org
N/A
http://www.securitytracker.com/id?1018402cve@mitre.org
N/A
http://www.securitytracker.com/id?1018403cve@mitre.org
N/A
http://www.securitytracker.com/id?1018404cve@mitre.org
N/A
http://www.securitytracker.com/id?1018405cve@mitre.org
N/A
http://www.securitytracker.com/id?1018406cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2007/2559cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/35467cve@mitre.org
N/A
Hyperlink: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=561
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/26088
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-secnotice.asp
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.securityfocus.com/bid/24947
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1018402
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1018403
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1018404
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1018405
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1018406
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/2559
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/35467
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

13Records found
CVE-2009-3587
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-8.22% / 91.86%
||
7 Day CHG~0.00%
Published-13 Oct, 2009 | 10:00
Updated-07 Aug, 2024 | 06:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588.

Action-Not Available
Vendor-n/aBroadcom Inc.Linux Kernel Organization, Inc
Product-secure_content_managerinternet_security_suite_2008common_servicesetrust_antivirusanti-virus_sdketrust_integrated_threat_managementanti-virus_for_the_enterpriseprotection_suitesarcserve_backupanti-virusetrust_ez_antivirusthreat_managerinternet_security_suite_plus_2008internet_security_suite_plus_2009linux_kernelanti-virus_plusarcserve_for_windows_client_agentetrust_anti-virus_gatewaythreat_manager_total_defensenetwork_and_systems_managementetrust_intrusion_detectionunicenter_network_and_systems_managementetrust_anti-virus_sdkanti-virus_gatewaygateway_securityarcserve_for_windows_server_componentetrust_secure_content_managerinternet_security_suiten/a
CVE-2009-4225
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-61.45% / 98.26%
||
7 Day CHG~0.00%
Published-08 Dec, 2009 | 18:00
Updated-07 Aug, 2024 | 06:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the PestPatrol ActiveX control (ppctl.dll) 5.6.7.9 in CA eTrust PestPatrol allows remote attackers to execute arbitrary code via a long argument to the Initialize method.

Action-Not Available
Vendor-n/a
Product-etrust_pestpatrole_ppctl.dll_activexn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-23613
Matching Score-8
Assigner-Exodus Intelligence
ShareView Details
Matching Score-8
Assigner-Exodus Intelligence
CVSS Score-10||CRITICAL
EPSS-7.65% / 91.51%
||
7 Day CHG~0.00%
Published-25 Jan, 2024 | 23:32
Updated-29 May, 2025 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Symantec Deployment Solution Remote Code Execution

A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM.

Action-Not Available
Vendor-Symantec CorporationBroadcom Inc.
Product-symantec_deployment_solutionsDeployment Solution
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-23617
Matching Score-8
Assigner-Exodus Intelligence
ShareView Details
Matching Score-8
Assigner-Exodus Intelligence
CVSS Score-9.6||CRITICAL
EPSS-2.38% / 84.34%
||
7 Day CHG~0.00%
Published-25 Jan, 2024 | 23:32
Updated-18 Oct, 2024 | 15:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Symantec Data Loss Prevention Buffer Overflow

A buffer overflow vulnerability exists in Symantec Data Loss Prevention version 14.0.2 and before. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a crafted document to achieve code execution.

Action-Not Available
Vendor-Broadcom Inc.Symantec Corporation
Product-symantec_data_center_security_serverData Loss Prevention
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2008-2511
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-4.70% / 88.92%
||
7 Day CHG~0.00%
Published-02 Jun, 2008 | 14:00
Updated-07 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the UmxEventCli.CachedAuditDataList.1 (aka UmxEventCliLib) ActiveX control in UmxEventCli.dll in CA Internet Security Suite 2008 allows remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the argument to the SaveToFile method. NOTE: this can be leveraged for code execution by writing to a Startup folder. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/a
Product-internet_security_suite_plus_2008n/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2008-1328
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-16.74% / 94.67%
||
7 Day CHG~0.00%
Published-07 Apr, 2008 | 18:00
Updated-07 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the LGServer service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary code via unspecified "command arguments."

Action-Not Available
Vendor-computer_associatesn/aBroadcom Inc.
Product-arcserve_backup_laptops_and_desktopsdesktop_management_suiten/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-5004
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-13.03% / 93.81%
||
7 Day CHG~0.00%
Published-01 Oct, 2007 | 20:00
Updated-07 Aug, 2024 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to execute arbitrary code via a long username and a certain "useless" password.

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-brightstor_arcserve_backup_laptops_desktopsdesktop_management_suiteprotection_suitesn/a
CWE ID-CWE-189
Not Available
CVE-2007-2864
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-79.93% / 99.07%
||
7 Day CHG~0.00%
Published-06 Jun, 2007 | 21:00
Updated-07 Aug, 2024 | 13:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-integrated_threat_managementetrust_antivirus_gatewaycommon_servicesetrust_antivirusanti-virus_for_the_enterpriseprotection_suitesbrightstor_arcserve_backupunicenter_network_and_systems_managementetrust_ez_armoretrust_antivirus_sdketrust_ez_antivirusetrust_secure_content_managerinternet_security_suiten/a
CVE-2007-3302
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-23.30% / 95.73%
||
7 Day CHG+2.14%
Published-26 Jul, 2007 | 00:00
Updated-07 Aug, 2024 | 14:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before 3.0.5.81, in CA (formerly Computer Associates) eTrust Intrusion Detection allows remote attackers to load arbitrary DLLs on a client system, and execute code from these DLLs, via unspecified "scriptable functions."

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-etrust_intrusion_detectionn/a
CVE-2006-3976
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-1.03% / 76.40%
||
7 Day CHG~0.00%
Published-04 Aug, 2006 | 23:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 allows remote attackers to install arbitrary files.

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-etrust_antivirus_webscann/a
CVE-2007-0060
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-21.17% / 95.45%
||
7 Day CHG~0.00%
Published-26 Jul, 2007 | 00:00
Updated-07 Aug, 2024 | 12:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104.

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-unicenter_managementcleverpath_aionbrightstor_portalunicenter_enterprise_job_managerunicenter_jasminecleverpath_olapunicenter_application_performance_monitoradvantage_data_transportunicenter_tngunicenter_asset_managementunicenter_software_deliveryunicenter_nsm_wireless_network_management_optionunicenter_data_transport_optionbrightstor_san_manageretrust_adminunicenter_service_level_managementunicenter_network_and_systems_managementcleverpath_ecmcleverpath_predictive_analysis_serverunicenter_remote_controln/a
CVE-2006-3977
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-1.03% / 76.40%
||
7 Day CHG~0.00%
Published-04 Aug, 2006 | 23:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 has unknown impact and remote attackers related to "improper processing of outdated WebScan components."

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-etrust_antivirus_webscann/a
CVE-2011-1719
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-16.64% / 94.66%
||
7 Day CHG~0.00%
Published-27 Apr, 2011 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in the Web Viewer ActiveX controls in CA Output Management Web Viewer 11.0 and 11.5 allow remote attackers to execute arbitrary code via (1) a long SRC property value to the PPSViewer ActiveX control in PPSView.ocx before 1.0.0.7 or (2) a long Title property value to the UOMWV_Helper ActiveX control in UOMWV_HelperActiveX.ocx before 11.5.0.1.

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-output_management_web_viewern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Details not found