Newly found Vulnerabilities 03/18/08:
CA BrightStor ARCserve Backup Vulnerability
We have seen reports of a vulnerability in CA BrightStor
ARCserve Backup. This vulnerability is due to a boundary error within the
"AddColumn()" method in the "ListCtrl" ActiveX control.
Exploitation of this vulnerability may allow a remote attacker to cause a
stack-based buffer overflow and execute arbitrary code.
We encourage users to do the following to help mitigate the risk:
Set
a kill bit for the CLSID {BF6EFFF3-4558-4C4C-ADAF-A87891C5F3A3}.
Disable
ActiveX