{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-09-27T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing validation of a length parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ca-brightstor-csagent-bo(36825)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36825"}, {"name": "26914", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26914"}, {"name": "20070927 Computer Associates BrightStor HSM r11.5 Multiple Vulnerabilities", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=601"}, {"name": "20070927 [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded"}, {"name": "ADV-2007-3275", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/3275"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-16"}, {"name": "25823", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25823"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35690"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"}, {"name": "1018747", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1018747"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5082", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing validation of a length parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ca-brightstor-csagent-bo(36825)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36825"}, {"name": "26914", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26914"}, {"name": "20070927 Computer Associates BrightStor HSM r11.5 Multiple Vulnerabilities", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=601"}, {"name": "20070927 [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded"}, {"name": "ADV-2007-3275", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3275"}, {"name": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-16", "refsource": "CONFIRM", "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-16"}, {"name": "25823", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25823"}, {"name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35690", "refsource": "CONFIRM", "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35690"}, {"name": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp", "refsource": "CONFIRM", "url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"}, {"name": "1018747", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1018747"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5082", "datePublished": "2007-10-01T20:00:00", "dateReserved": "2007-09-25T00:00:00", "dateUpdated": "2018-10-15T20:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:broadcom:brightstor_hierarchical_storage_manager:11.5:*:*:*:*:*:*:*", "matchCriteriaId": "DFA3B0BE-B154-49CB-9456-4ECE828E02E2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing validation of a length parameter."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en la regi\u00f3n stack de la memoria en Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) versiones anteriores a r11.6, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de comandos de servicio CsAgent no especificados con ciertos opcodes, relacionados a la falta de comprobaci\u00f3n de un par\u00e1metro lenght."}], "id": "CVE-2007-5082", "lastModified": "2021-04-07T18:20:00.057", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-10-01T20:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-16"}, {"source": "cve@mitre.org", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=601"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/26914"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1018747"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35690"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/25823"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/3275"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36825"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}