cpe:/a:ca:brightstor_arcserve_backup_laptops_desktops:4.0 cpe:/a:ca:brightstor_arcserve_backup_laptops_desktops:11.0 cpe:/a:ca:brightstor_arcserve_backup_laptops_desktops:11.1 cpe:/a:ca:brightstor_arcserve_backup_laptops_desktops:11.1:sp1 cpe:/a:ca:brightstor_arcserve_backup_laptops_desktops:11.5 cpe:/a:ca:desktop_management_suite:11.0 cpe:/a:ca:desktop_management_suite:11.1 cpe:/a:ca:desktop_management_suite:11.2 cpe:/a:ca:protection_suites:r2 CVE-2007-5003 2007-10-01T16:17:00.000-04:00 2008-09-05T17:29:38.390-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2007-10-02T09:28:00.000-04:00 ALLOWS_ADMIN_ACCESS SECTRACK 1018728 IDEFENSE 20070920 CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities EEYE 20070920 Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops BUGTRAQ 20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities BID 24348 SECUNIA 25606 IAVM IAVM:2008-B-0042 CONFIRM http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp CONFIRM http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006 CONFIRM http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674 Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function.