CVE-2008-1472

Stack-based buffer overflow in the ListCtrl ActiveX Control (ListCtrl.ocx), as used in multiple CA products including BrightStor ARCserve Backup R11.5, Desktop Management Suite r11.1 through r11.2, and Unicenter products r11.1 through r11.2, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long argument to the AddColumn method.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:computer_associates:brightstor_arcserve_backup_laptops_desktops:11.5:*:*:*:*:*:*:*
cpe:2.3:a:computer_associates:desktop_management_suite:r11.1:a:*:*:*:*:*:*
cpe:2.3:a:computer_associates:desktop_management_suite:r11.1:c1:*:*:*:*:*:*
cpe:2.3:a:computer_associates:desktop_management_suite:r11.1:ga:*:*:*:*:*:*
cpe:2.3:a:computer_associates:desktop_management_suite:r11.2:*:*:*:*:*:*:*
cpe:2.3:a:computer_associates:unicenter_dsm_r11_list_control_atx:11.2.3.1895:*:*:*:*:*:*:*
cpe:2.3:a:unicenter:asset_management:r11.1:a:*:*:*:*:*:*
cpe:2.3:a:unicenter:asset_management:r11.1:c1:*:*:*:*:*:*
cpe:2.3:a:unicenter:asset_management:r11.1:ga:*:*:*:*:*:*
cpe:2.3:a:unicenter:asset_management:r11.2:*:*:*:*:*:*:*
cpe:2.3:a:unicenter:asset_management:r11.2:a:*:*:*:*:*:*
cpe:2.3:a:unicenter:asset_management:r11.2:c1:*:*:*:*:*:*
cpe:2.3:a:unicenter:desktop_management_bundle:r11.1:a:*:*:*:*:*:*
cpe:2.3:a:unicenter:desktop_management_bundle:r11.1:c1:*:*:*:*:*:*
cpe:2.3:a:unicenter:desktop_management_bundle:r11.1:ga:*:*:*:*:*:*
cpe:2.3:a:unicenter:desktop_management_bundle:r11.2:*:*:*:*:*:*:*
cpe:2.3:a:unicenter:desktop_management_bundle:r11.2:a:*:*:*:*:*:*
cpe:2.3:a:unicenter:desktop_management_bundle:r11.2:c1:*:*:*:*:*:*
cpe:2.3:a:unicenter:remote_control:r11.1:a:*:*:*:*:*:*
cpe:2.3:a:unicenter:remote_control:r11.1:c1:*:*:*:*:*:*
cpe:2.3:a:unicenter:remote_control:r11.1:ga:*:*:*:*:*:*
cpe:2.3:a:unicenter:remote_control:r11.2:*:*:*:*:*:*:*
cpe:2.3:a:unicenter:remote_control:r11.2:a:*:*:*:*:*:*
cpe:2.3:a:unicenter:remote_control:r11.2:c1:*:*:*:*:*:*
cpe:2.3:a:unicenter:software_delivery:r11.1:a:*:*:*:*:*:*
cpe:2.3:a:unicenter:software_delivery:r11.1:c1:*:*:*:*:*:*
cpe:2.3:a:unicenter:software_delivery:r11.1:ga:*:*:*:*:*:*
cpe:2.3:a:unicenter:software_delivery:r11.2:*:*:*:*:*:*:*
cpe:2.3:a:unicenter:software_delivery:r11.2:a:*:*:*:*:*:*
cpe:2.3:a:unicenter:software_delivery:r11.2:c1:*:*:*:*:*:*

History

21 Nov 2024, 00:44

Type Values Removed Values Added
References () http://community.ca.com/blogs/casecurityresponseblog/archive/2008/3/28.aspx - () http://community.ca.com/blogs/casecurityresponseblog/archive/2008/3/28.aspx -
References () http://secunia.com/advisories/29408 - Vendor Advisory () http://secunia.com/advisories/29408 - Vendor Advisory
References () http://www.securityfocus.com/archive/1/489893/100/0/threaded - () http://www.securityfocus.com/archive/1/489893/100/0/threaded -
References () http://www.securityfocus.com/archive/1/490263/100/0/threaded - () http://www.securityfocus.com/archive/1/490263/100/0/threaded -
References () http://www.securityfocus.com/bid/28268 - Exploit () http://www.securityfocus.com/bid/28268 - Exploit
References () http://www.securitytracker.com/id?1019617 - () http://www.securitytracker.com/id?1019617 -
References () http://www.vupen.com/english/advisories/2008/0902/references - Vendor Advisory () http://www.vupen.com/english/advisories/2008/0902/references - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/41225 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/41225 -
References () https://www.exploit-db.com/exploits/5264 - () https://www.exploit-db.com/exploits/5264 -

Information

Published : 2008-03-24 22:44

Updated : 2024-11-21 00:44


NVD link : CVE-2008-1472

Mitre link : CVE-2008-1472

CVE.ORG link : CVE-2008-1472


JSON object : View

Products Affected

computer_associates

  • desktop_management_suite
  • brightstor_arcserve_backup_laptops_desktops
  • unicenter_dsm_r11_list_control_atx

unicenter

  • remote_control
  • software_delivery
  • desktop_management_bundle
  • asset_management
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer