PT-2008-4593 · Ca · Ca Arcserve Backup For Laptops/Desktops

Published

2008-08-01

Updated

2021-04-08

CVE-2008-3175

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: CA ARCserve Backup for Laptops and Desktops versions 11.0 through 11.5

Description: The issue is related to an integer underflow in the rxRPC.dll component of the LGServer service. This can be exploited by remote attackers who send a crafted message, potentially leading to the execution of arbitrary code or a denial of service due to a buffer overflow.

Recommendations: For CA ARCserve Backup for Laptops and Desktops versions 11.0 through 11.5, consider applying a patch or update that fixes the integer underflow issue in the rxRPC.dll component. As a temporary workaround, restrict access to the LGServer service to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-189

Related Identifiers

CVE-2008-3175

Affected Products

Ca Arcserve Backup For Laptops/Desktops

PT-2008-4593 · Ca · Ca Arcserve Backup For Laptops/Desktops

CVE-2008-3175

Weakness Enumeration

Related Identifiers

Affected Products

References · 9