cve-2007-2864
Vulnerability from cvelistv5
Published
2007-06-06 21:00
Modified
2024-08-07 13:57
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:57:54.318Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24330",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24330"
},
{
"name": "20070605 ZDI-07-035: CA Multiple Product AV Engine CAB Header Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/470602/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp"
},
{
"name": "VU#105105",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/105105"
},
{
"name": "ADV-2007-2072",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2072"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-035.html"
},
{
"name": "20070607 [CAID 35395, 35396]: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/470754/100/0/threaded"
},
{
"name": "ca-multiple-antivirus-cofffiles-bo(34737)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34737"
},
{
"name": "1018199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018199"
},
{
"name": "35245",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/35245"
},
{
"name": "25570",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25570"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24330",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24330"
},
{
"name": "20070605 ZDI-07-035: CA Multiple Product AV Engine CAB Header Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/470602/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp"
},
{
"name": "VU#105105",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/105105"
},
{
"name": "ADV-2007-2072",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2072"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-035.html"
},
{
"name": "20070607 [CAID 35395, 35396]: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/470754/100/0/threaded"
},
{
"name": "ca-multiple-antivirus-cofffiles-bo(34737)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34737"
},
{
"name": "1018199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018199"
},
{
"name": "35245",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/35245"
},
{
"name": "25570",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25570"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2864",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24330",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24330"
},
{
"name": "20070605 ZDI-07-035: CA Multiple Product AV Engine CAB Header Parsing Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470602/100/0/threaded"
},
{
"name": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp"
},
{
"name": "VU#105105",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/105105"
},
{
"name": "ADV-2007-2072",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2072"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-035.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-035.html"
},
{
"name": "20070607 [CAID 35395, 35396]: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470754/100/0/threaded"
},
{
"name": "ca-multiple-antivirus-cofffiles-bo(34737)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34737"
},
{
"name": "1018199",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018199"
},
{
"name": "35245",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/35245"
},
{
"name": "25570",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25570"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2864",
"datePublished": "2007-06-06T21:00:00",
"dateReserved": "2007-05-24T00:00:00",
"dateUpdated": "2024-08-07T13:57:54.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6B76576-ABB1-439E-80B0-0B5AAE14BA45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:brightstor_arcserve_backup:10.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"443AB333-2C99-42FF-8F4E-A487BF588E85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C339825-77F9-478A-B1F7-A297D5715396\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E37161BE-6AF5-40E0-BD63-2C17431D8B36\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"477EE032-D183-478F-A2BF-6165277A7414\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:common_services:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A0DD264-59A8-4B76-8D7F-138AEA7B1912\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:common_services:1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"062DB370-929D-4FE1-A925-2FB5706C9409\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:common_services:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D7957A4-D763-488F-B2B1-E00F428AD1AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:common_services:2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F5A6578-902D-4D9F-AB19-C6484E878CEB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:common_services:2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2E79928-E5E2-42E5-9E09-58ADF9E76A74\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:common_services:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D7587982-C722-4754-8744-8C7D43E191B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:etrust_antivirus:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71D3160D-539D-4E26-8B0B-C372315EE700\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:etrust_antivirus:8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"52C533CA-ACB7-4C0F-98E2-B5E51E24A554\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7DD2FE1C-8894-41EC-B686-932F0ACC41C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:etrust_antivirus_sdk:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4996345-E5B0-42E2-8592-41B9BC805740\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7D938FC-E8E6-4709-BF6D-EF4833AF7D7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:etrust_ez_antivirus:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"538F7CEC-D8A8-444F-9A9C-D1FF01EA7450\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:etrust_ez_armor:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"714BCFBA-B843-4C14-AA78-F7CF17899D28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C61D9546-7619-465B-B3CA-C60218CD574B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:etrust_ez_armor:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"59035C39-14BA-4874-8874-75AA52D9AA38\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:etrust_ez_armor:3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4292DD3A-6B79-43E0-8D2F-267375A3CBF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:integrated_threat_management:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C167CC34-95AE-45CD-A1CE-64FF738DE25E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:internet_security_suite:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"74F3CAC8-447B-467B-87C1-DD565B41515A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:internet_security_suite:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B61BE84B-3BDA-489E-94E8-187A1B0F9281\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"285013A5-E058-4B2B-B8B6-1BFF72388589\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE9C8A1C-0A55-4CA5-9BB6-2D03EFCFE699\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2EFA39E3-A614-4A64-B29C-86D6F12F1557\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B4434A4-EE82-46A1-9293-345991515369\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"43CD3B48-C978-4FDB-B157-85F3E971446B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DB54A16-5E56-46FC-A49C-56C98C0B8F1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47C10BA4-B241-4F65-8FA1-AD88266C03B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"253A8082-9AE4-4049-A1D0-B7ACB5C2E8D3\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de b\\u00fafer basado en pila en el motor antivirus anterior a la actualizaci\\u00f3n de contenido 30.6 de m\\u00faltiples productos CA (antiguamente Computer Associates) permite a atacantes remotos ejecutar c\\u00f3digo de su elecci\\u00f3n mediante un valor largo no v\\u00e1lido del campo coffFiles en un fichero .CAB.\"}]",
"id": "CVE-2007-2864",
"lastModified": "2024-11-21T00:31:50.643",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2007-06-06T21:30:00.000",
"references": "[{\"url\": \"http://secunia.com/advisories/25570\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/105105\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.osvdb.org/35245\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/470602/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/470754/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/24330\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securitytracker.com/id?1018199\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/2072\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.zerodayinitiative.com/advisories/ZDI-07-035.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/34737\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/25570\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/105105\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.osvdb.org/35245\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/470602/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/470754/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/24330\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securitytracker.com/id?1018199\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/2072\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.zerodayinitiative.com/advisories/ZDI-07-035.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/34737\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2007-2864\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-06-06T21:30:00.000\",\"lastModified\":\"2024-11-21T00:31:50.643\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer basado en pila en el motor antivirus anterior a la actualizaci\u00f3n de contenido 30.6 de m\u00faltiples productos CA (antiguamente Computer Associates) permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un valor largo no v\u00e1lido del campo coffFiles en un fichero .CAB.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6B76576-ABB1-439E-80B0-0B5AAE14BA45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:brightstor_arcserve_backup:10.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"443AB333-2C99-42FF-8F4E-A487BF588E85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C339825-77F9-478A-B1F7-A297D5715396\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E37161BE-6AF5-40E0-BD63-2C17431D8B36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"477EE032-D183-478F-A2BF-6165277A7414\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:common_services:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A0DD264-59A8-4B76-8D7F-138AEA7B1912\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:common_services:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"062DB370-929D-4FE1-A925-2FB5706C9409\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:common_services:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D7957A4-D763-488F-B2B1-E00F428AD1AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:common_services:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F5A6578-902D-4D9F-AB19-C6484E878CEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:common_services:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2E79928-E5E2-42E5-9E09-58ADF9E76A74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:common_services:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7587982-C722-4754-8744-8C7D43E191B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:etrust_antivirus:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71D3160D-539D-4E26-8B0B-C372315EE700\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:etrust_antivirus:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52C533CA-ACB7-4C0F-98E2-B5E51E24A554\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DD2FE1C-8894-41EC-B686-932F0ACC41C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:etrust_antivirus_sdk:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4996345-E5B0-42E2-8592-41B9BC805740\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7D938FC-E8E6-4709-BF6D-EF4833AF7D7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:etrust_ez_antivirus:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"538F7CEC-D8A8-444F-9A9C-D1FF01EA7450\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:etrust_ez_armor:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"714BCFBA-B843-4C14-AA78-F7CF17899D28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C61D9546-7619-465B-B3CA-C60218CD574B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:etrust_ez_armor:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59035C39-14BA-4874-8874-75AA52D9AA38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:etrust_ez_armor:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4292DD3A-6B79-43E0-8D2F-267375A3CBF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:integrated_threat_management:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C167CC34-95AE-45CD-A1CE-64FF738DE25E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:internet_security_suite:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74F3CAC8-447B-467B-87C1-DD565B41515A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:internet_security_suite:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B61BE84B-3BDA-489E-94E8-187A1B0F9281\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"285013A5-E058-4B2B-B8B6-1BFF72388589\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE9C8A1C-0A55-4CA5-9BB6-2D03EFCFE699\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EFA39E3-A614-4A64-B29C-86D6F12F1557\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B4434A4-EE82-46A1-9293-345991515369\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43CD3B48-C978-4FDB-B157-85F3E971446B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DB54A16-5E56-46FC-A49C-56C98C0B8F1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47C10BA4-B241-4F65-8FA1-AD88266C03B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"253A8082-9AE4-4049-A1D0-B7ACB5C2E8D3\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/25570\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/105105\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/35245\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/470602/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/470754/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/24330\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1018199\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2072\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-07-035.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/34737\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/25570\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/105105\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/35245\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/470602/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/470754/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/24330\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1018199\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2072\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-07-035.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/34737\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.