Vulnerabilities (CVE)

Filtered by vendor Broadcom Subscribe
Total 510 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-2241 2 Broadcom, Ca 4 Brightstor Arcserve Backup, Server Protection Suite, Brightstor Arcserve Backup and 1 more 2024-11-21 10.0 HIGH N/A
Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file.
CVE-2008-1984 1 Broadcom 1 Secure Content Manager 2024-11-21 7.8 HIGH N/A
The eTrust Common Services (Transport) Daemon (eCSqdmn) in CA Secure Content Manager 8.0.28000.511 and earlier allows remote attackers to cause a denial of service (crash or CPU consumption) via a malformed packet to TCP port 1882.
CVE-2008-1979 1 Broadcom 1 Brightstor Arcserve Backup 2024-11-21 5.0 MEDIUM N/A
The Discovery Service (casdscvc) in CA ARCserve Backup 12.0.5454.0 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large integer value used in an increment to TCP port 41523, which triggers a buffer over-read.
CVE-2008-1329 2 Broadcom, Computer Associates 3 Desktop Management Suite, Arcserve Backup Laptops And Desktops, Desktop Management Suite 2024-11-21 10.0 HIGH N/A
Unspecified vulnerability in the NetBackup service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary commands, related to "insufficient verification of file uploads."
CVE-2008-1328 2 Broadcom, Computer Associates 3 Desktop Management Suite, Arcserve Backup Laptops And Desktops, Desktop Management Suite 2024-11-21 9.3 HIGH N/A
Buffer overflow in the LGServer service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary code via unspecified "command arguments."
CVE-2007-6406 1 Broadcom 1 Etrust Threat Management Console 2024-11-21 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in CA (formerly Computer Associates) eTrust Threat Management Console allow remote attackers to inject arbitrary web script or HTML via the IP Address field and other unspecified fields.
CVE-2007-5923 1 Broadcom 1 Etrust Siteminder 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in forms/smpwservices.fcc in CA (formerly Computer Associates) eTrust SiteMinder Agent allows remote attackers to inject arbitrary web script or HTML via the SMAUTHREASON parameter, a different vector than CVE-2005-2204.
CVE-2007-5472 1 Broadcom 1 Host-based Intrusion Prevention System 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Server component in CA Host-Based Intrusion Prevention System (HIPS) before 8.0.0.93 allows remote attackers to inject arbitrary web script or HTML via requests that are written to logs for later display in the log viewer.
CVE-2007-5439 1 Broadcom 1 Etrust Integrated Threat Management 2024-11-21 5.0 MEDIUM N/A
CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 stores sensitive user information in log files with predictable names, which allows remote attackers to obtain this information via unspecified vectors.
CVE-2007-5437 1 Broadcom 1 Etrust Integrated Threat Management 2024-11-21 5.8 MEDIUM N/A
The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows remote attackers to redirect users to arbitrary web sites via a crafted HTTP URL on port 6689.
CVE-2007-5435 1 Broadcom 1 Erwin Process Modeler 2024-11-21 4.3 MEDIUM N/A
Unspecified vulnerability in CA ERwin Process Modeler (formerly AllFusion Process Modeler) 7.2 might allow user-assisted remote attackers to cause a denial of service via a crafted Data Standards File (Datatype Standards File).
CVE-2007-5332 1 Broadcom 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup 2024-11-21 10.0 HIGH N/A
Multiple unspecified vulnerabilities in (1) mediasvr and (2) caloggerd in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, have unknown impact and attack vectors related to memory corruption.
CVE-2007-5331 2 Broadcom, Ca 6 Brightstor Arcserve Backup, Brightstor Enterprise Backup, Business Protection Suite and 3 more 2024-11-21 10.0 HIGH N/A
Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers.
CVE-2007-5330 1 Broadcom 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup 2024-11-21 10.0 HIGH N/A
The cadbd RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to (1) execute arbitrary code via stack-based buffer overflows in unspecified RPC procedures, and (2) trigger memory corruption related to the use of "handle" RPC arguments as pointers.
CVE-2007-5329 2 Broadcom, Ca 6 Brightstor Arcserve Backup, Brightstor Enterprise Backup, Business Protection Suite and 3 more 2024-11-21 10.0 HIGH N/A
Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption.
CVE-2007-5328 1 Broadcom 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup 2024-11-21 10.0 HIGH N/A
The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows attackers to execute arbitrary code by using certain "insecure method calls" to modify the file system and registry, aka "Privileged function exposure."
CVE-2007-5327 1 Broadcom 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup 2024-11-21 10.0 HIGH N/A
Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum.
CVE-2007-5326 2 Broadcom, Ca 6 Brightstor Arcserve Backup, Brightstor Enterprise Backup, Business Protection Suite and 3 more 2024-11-21 10.0 HIGH N/A
Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2007-5325 1 Broadcom 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup 2024-11-21 10.0 HIGH N/A
Multiple buffer overflows in (1) the Message Engine and (2) AScore.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2007-5084 1 Broadcom 1 Brightstor Hierarchical Storage Manager 2024-11-21 6.8 MEDIUM N/A
Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others.