Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA10351
Multiple vulnerabilities in Symantec Backup Exec
Updated: 06/01/2019
Detect date
?
 08/05/2013
Severity
?
 Critical
Description

Multiple serious vulnerabilities have been found in Symantec Backup Exec. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, read-write backup files, inject scripts and execute arbitrary code Below is a complete list of vulnerabilities

  1. Vectors related to NDMP protocol can be exploited remotely;
  2. Weak file permissions can be exploited locally via file modification;
  3. XSS vulnerabilities can be exploited remotely via vectors related to web interface;
  4. A buffer overflow can be exploited remotely via unspecified vectors.
Affected products

Symantec Backup Exec 2010 R3 service packs 2 and earlier
Symantec Backup Exec 2012 service packs 1 and earlier
Solution

Update to latest version
Original advisories

Symantec advisory
Impacts
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

CI 
[?]

WLF 
[?]

RLF 
[?]
Related products
 VERITAS Backup Exec
CVE-IDS
?
CVE-2013-46782.7Warning
CVE-2013-46764.3Warning
CVE-2013-46774.3Warning
CVE-2013-45757.9Critical
© 2019 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up