{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"CA BrightStor ARCserve Backup v9.01 ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"CA Server Protection Suite r2 ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"CA BrightStor ARCserve Backup r11.5 SP1 et ant\u00e9rieures (clients et serveurs) ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"CA BrightStor ARCserve Backup 10.5 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2 ;","product":{"name":"Small Business","vendor":{"name":"Cisco","scada":false}}},{"description":"CA BrightStor ARCserve Backup for Windows r11 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"CA BrightStor ARCserve Backup r11.1 ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2.","product":{"name":"Small Business","vendor":{"name":"Cisco","scada":false}}},{"description":"CA Business Protection Suite r2 ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDes vuln\u00e9rabilit\u00e9s de type d\u00e9passement de m\u00e9moire (Stack Overflow) dans\nDBASVR.exe peuvent conduire un utilisateur mal intentionn\u00e9 \u00e0 ex\u00e9cuter du\ncode arbitraire \u00e0 distance avec les droits administrateurs du syst\u00e8me.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n\nLes correctifs publi\u00e9s le 05 octobre 2006 doivent \u00eatre compl\u00e9t\u00e9s par\nceux d\u00e9crits dans le bulletin du 19 octobre 2006.\n","cves":[],"links":[{"title":"Nouveau bulletin de s\u00e9curit\u00e9 CA (CAID 34693,34694) du 19    octobre 2006 :","url":"http://www3.ca.com/securityadvisor/blogs/posting.aspx?id=90744&pid=94397&date=2006/10"},{"title":"Bulletin de s\u00e9curit\u00e9 CA du 05 octobre 2006 :","url":"http://supportconnectw.ca.com/public/storage/infodocs/basbr-secnotice.asp"},{"title":"Bulletin de s\u00e9curit\u00e9 TippingPoint du 05 octobre 2006 :","url":"http://www.tippingpoint.com/security/advisories/TSRT-06-11.html"}],"reference":"CERTA-2006-AVI-430","revisions":[{"description":"version initiale.","revision_date":"2006-10-06T00:00:00.000000"},{"description":"ajout de la r\u00e9f\u00e9rence au nouveau bulletin CA du 19 octobre 2006.","revision_date":"2006-10-23T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s dans les produits CA BrightStor ARCserve\nBackup peuvent conduire un utilisateur mal intentionn\u00e9 \u00e0 ex\u00e9cuter du\ncode arbitraire sur le serveur.\n","title":"Vuln\u00e9rabilit\u00e9s dans CA BrightStor ARCserve Backup","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 de Computer Associates du 05 octobre 2006","url":null}]}