- 28 May 2008Advisories » BrightStor ARCserve Backup for Laptops & Desktops Unspecified Arbitrary Code Execution Vulnerabilities
| Release Date: | 11/06/2007 | Severity: | Moderately Critical  |
| SecWatch Advisory: | SWID1018136 | Cause: | Not specified |
| Solution Status: | Unpatched | Impact: | Execution of arbitrary code |
| Exploit Status: | None Available | Access Vector: | From local network |
| Affected Software: | BrightStor ARCserve Backup for Laptops & Desktops 11.x | ||
Description:
A vulnerability in BrightStor ARCserve Backup for Laptops & Desktops has been reported, which can be exploited by local users to compromise a vulnerable system.
The vulnerabilities are caused due to unspecified errors, which can be exploited to execute arbitrary code on an affected system with SYSTEM level privileges.
Note: Successful exploitation does not require user interaction.
Affected:
ARCserve Backup for Laptops & Desktops r11.1 is reported vulnerable.
Note: The vulnerability reportedly only affects server installations, not client installations.
Solution:
There was no vendor-supplied solution at the time of entry.
The vendor is reportedly currently working on a patch.
Credits:
Free Vulnerability Notification Service
Receive free instant and customisable notifications of new vulnerabilities or exploits via e-mail, web or RSS feeds. Click here for more information.
Related Vulnerabilities and Exploits
17 Apr 08: CA Products DSM gui_cm_ctrls ActiveX Control Remote Code Executio..
17 Mar 08: CA BrightStor ARCserve Backup "ListCtrl" ActiveX Control Remote B..
16 Mar 08: CA BrightStor ARCserve Backup r11.5 Ac.. (ARCserve_AddColumn_BoF.html)
24 Jan 07: BrightStor ARCserve Backup for Laptops & Desktops Vulnerabilities..
24 Jan 06: CA Products iGateway Service Content-Length Buffer Overflow Vulne..