Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Arcserve_backup
(Ca)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 11 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2009-10-13 | CVE-2009-3587 | Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588. | Anti\-Virus, Anti\-Virus_for_the_enterprise, Anti\-Virus_sdk, Common_services, Etrust_antivirus, Etrust_integrated_threat_management, Etrust_intrusion_detection, Etrust_secure_content_manager, Internet_security_suite, Network_and_systems_management, Secure_content_manager, Unicenter_network_and_systems_management, Anti\-Virus, Anti\-Virus_for_the_enterprise, Anti\-Virus_gateway, Anti\-Virus_plus, Arcserve_backup, Arcserve_for_windows_client_agent, Arcserve_for_windows_server_component, Common_services, Etrust_anti\-Virus_gateway, Etrust_anti\-Virus_sdk, Etrust_ez_antivirus, Etrust_intrusion_detection, Etrust_secure_content_manager, Gateway_security, Internet_security_suite_2008, Internet_security_suite_plus_2008, Internet_security_suite_plus_2009, Protection_suites, Threat_manager, Threat_manager_total_defense | N/A | ||
| 2009-10-13 | CVE-2009-3588 | Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587. | Anti\-Virus, Anti\-Virus_for_the_enterprise, Anti\-Virus_sdk, Arcserve_backup, Common_services, Etrust_antivirus, Etrust_integrated_threat_management, Etrust_intrusion_detection, Etrust_secure_content_manager, Internet_security_suite, Network_and_systems_management, Secure_content_manager, Unicenter_network_and_systems_management, Anti\-Virus, Anti\-Virus_for_the_enterprise, Anti\-Virus_gateway, Anti\-Virus_plus, Arcserve_backup, Arcserve_for_windows_client_agent, Arcserve_for_windows_server_component, Common_services, Etrust_anti\-Virus_gateway, Etrust_anti\-Virus_sdk, Etrust_ez_antivirus, Etrust_intrusion_detection, Etrust_secure_content_manager, Gateway_security, Internet_security_suite_2008, Internet_security_suite_plus_2008, Internet_security_suite_plus_2009, Protection_suites, Threat_manager, Threat_manager_total_defense | N/A | ||
| 2009-01-28 | CVE-2009-0042 | Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file. | Anti\-Spyware, Anti\-Spyware_for_the_enterprise, Anti\-Virus, Anti\-Virus_for_the_enterprise, Anti\-Virus_sdk, Antivirus_gateway, Arcserve_client_agent, Common_services, Etrust_ez_antivirus, Etrust_intrusion_detection, Network_and_systems_management, Secure_content_manager, Arcserve_backup, Etrust_intrusion_detection, Internet_security_suite_2007, Internet_security_suite_2008, Internet_security_suite_plus_2008, Protection_suites, Threat_manager_for_the_enterprise | N/A | ||
| 2008-10-14 | CVE-2008-4400 | Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation." | Arcserve_backup, Business_protection_suite, Server_protection_suite, Arcserve_backup, Business_protection_suite | N/A | ||
| 2008-10-14 | CVE-2008-4399 | Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation." | Arcserve_backup, Business_protection_suite, Server_protection_suite, Arcserve_backup, Business_protection_suite | N/A | ||
| 2008-10-14 | CVE-2008-4398 | Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request. | Arcserve_backup, Business_protection_suite, Server_protection_suite, Arcserve_backup, Business_protection_suite | N/A | ||
| 2008-10-14 | CVE-2008-4397 | Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A. | Arcserve_backup, Business_protection_suite, Server_protection_suite, Arcserve_backup, Business_protection_suite | N/A | ||
| 2008-12-11 | CVE-2008-5415 | The LDBserver service in the server in CA ARCserve Backup 11.1 through 12.0 on Windows allows remote attackers to execute arbitrary code via a handle_t argument to an RPC endpoint in which the argument refers to an incompatible procedure. | Arcserve_backup, Arcserve_backup | N/A | ||
| 2001-05-18 | CVE-2001-1346 | Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp. | Arcserve_backup, Arcserve_backup | N/A | ||
| 2009-06-16 | CVE-2009-1761 | The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote attackers to cause a denial of service (crash) via (1) an invalid 0x13 message, which is not properly handled in the ASCORE module, or (2) a 0x3B message with invalid stub data that triggers an RPC marshalling error. | Arcserve_backup | N/A |