Vulnerability Details : CVE-2007-3825
Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures.
Vulnerability category: Execute code
Products affected by CVE-2007-3825
- cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*
- cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*
- cpe:2.3:a:ca:anti-virus_for_the_enterprise:8:*:enterprise:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_arcserve_client:*:*:windows:*:*:*:*:*
- cpe:2.3:a:ca:threat_manager:8:*:enterprise:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:alert_notification_server:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-3825
10.79%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 95 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-3825
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2007-3825
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/35467
-
http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-secnotice.asp
Patch
-
http://www.securitytracker.com/id?1018402
-
http://www.securitytracker.com/id?1018404
-
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=561
Vendor Advisory
-
http://www.securitytracker.com/id?1018406
-
http://www.securitytracker.com/id?1018405
-
http://www.securitytracker.com/id?1018403
-
http://www.vupen.com/english/advisories/2007/2559
-
http://www.securityfocus.com/bid/24947
Jump to