CVE-2007-6016

Name of the Vulnerable Software and Affected Versions Symantec Backup Exec for Windows Server versions 11.0.6235 through 11.0.7170 Symantec Backup Exec for Windows Server version 12.0.1364

Description The issue is related to multiple stack-based buffer overflows in the PVATLCalendar.PVCalendar.1 ActiveX control. This can be exploited by remote attackers to execute arbitrary code via long property values, such as DOWText0, DOWText1, DOWText2, DOWText3, DOWText4, DOWText5, DOWText6, MonthText0, MonthText1, MonthText2, MonthText3, MonthText4, MonthText5, MonthText6, MonthText7, MonthText8, MonthText9, MonthText10, or MonthText11, when executing the Save method. It is noted that while the vendor states authenticated user involvement is required, authentication is not needed to attack a client machine that loads this control.

Recommendations For Symantec Backup Exec for Windows Server versions 11.0.6235 through 11.0.7170, consider disabling the PVATLCalendar.PVCalendar.1 ActiveX control until a patch is available. For Symantec Backup Exec for Windows Server version 12.0.1364, consider disabling the PVATLCalendar.PVCalendar.1 ActiveX control until a patch is available. As a temporary workaround, avoid using long property values for DOWText0, DOWText1, DOWText2, DOWText3, DOWText4, DOWText5, DOWText6, MonthText0, MonthText1, MonthText2, MonthText3, MonthText4, MonthText5, MonthText6, MonthText7, MonthText8, MonthText9, MonthText10, or MonthText11 when executing the Save method.