{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"CA Desktop Management Suite 11.2 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"CA ARCserve Backup for Laptops and Desktops r11.1 SP1 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"CA ARCserve Backup for Laptops and Desktops r11.0 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"CA Desktop Management Suite 11.0 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"CA ARCserve Backup for Laptops and Desktops r11.1 SP2 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"CA ARCserve Backup for Laptops and Desktops r11.5 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"CA Protection Suite r2.","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"CA ARCserve Backup for Laptops and Desktops r11.1 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"CA Desktop Management Suite 11.1 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"CA ARCserve Backup for Laptops and Desktops r4.0 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentent dans les produits ARCserve\nBackup for Laptops and Desktops de Computer Associates. Ces\nvuln\u00e9rabilit\u00e9s sont toutes relatives \u00e0 un manque de contr\u00f4le dans les\n\u00e9l\u00e9ments suivant du logiciel :\n\n-   le service LGServer ;\n-   le service d'authentification de ARCserve Backup ;\n-   le service d'autentification rxLogin ;\n-   le service NetBackup lors d'un t\u00e9l\u00e9chargement de fichier.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2007-5004","url":"https://www.cve.org/CVERecord?id=CVE-2007-5004"},{"name":"CVE-2007-5005","url":"https://www.cve.org/CVERecord?id=CVE-2007-5005"},{"name":"CVE-2007-3216","url":"https://www.cve.org/CVERecord?id=CVE-2007-3216"},{"name":"CVE-2007-5006","url":"https://www.cve.org/CVERecord?id=CVE-2007-5006"},{"name":"CVE-2007-5003","url":"https://www.cve.org/CVERecord?id=CVE-2007-5003"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Computer Associates :","url":"http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"},{"title":"Bulletin de s\u00e9curit\u00e9 iDefense du 21 septembre 2007 :","url":"http://www.idefense.com/application/poi/display?id=599"},{"title":"Bulletin de s\u00e9curit\u00e9 iDefense du 21 septembre 2007 :","url":"http://www.idefense.com/application/poi/display?id=598"}],"reference":"CERTA-2007-AVI-415","revisions":[{"description":"version initiale.","revision_date":"2007-09-24T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s dans les produits ARCserve de Computer\nAssociate permettent \u00e0 un utilisateur distant d'ex\u00e9cuter du code\narbitraire.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits CA ARCserve","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 CA ARCserve du 21 septembre 2007","url":null}]}