Vulnerability Details : CVE-2007-3825
Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures.
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2007-3825
Probability of exploitation activity in the next 30 days: 10.79%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 95 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2007-3825
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2007-3825
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/35467
-
http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-secnotice.asp
Patch
-
http://www.securitytracker.com/id?1018402
-
http://www.securitytracker.com/id?1018404
-
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=561
Vendor Advisory
-
http://www.securitytracker.com/id?1018406
-
http://www.securitytracker.com/id?1018405
-
http://www.securitytracker.com/id?1018403
-
http://www.vupen.com/english/advisories/2007/2559
-
http://www.securityfocus.com/bid/24947
Products affected by CVE-2007-3825
- cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*
- cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*
- cpe:2.3:a:ca:anti-virus_for_the_enterprise:8:*:enterprise:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_arcserve_client:*:*:windows:*:*:*:*:*
- cpe:2.3:a:ca:threat_manager:8:*:enterprise:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:alert_notification_server:*:*:*:*:*:*:*:*