CVE-2007-3825

critical

Description

Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/35467

http://www.vupen.com/english/advisories/2007/2559

http://www.securitytracker.com/id?1018406

http://www.securitytracker.com/id?1018405

http://www.securitytracker.com/id?1018404

http://www.securitytracker.com/id?1018403

http://www.securitytracker.com/id?1018402

http://www.securityfocus.com/bid/24947

http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-secnotice.asp

http://secunia.com/advisories/26088

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=561

Details

Source: Mitre, NVD

Published: 2007-07-18

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.1409