Symantec.Backup.Exec.Scheduler.ActiveX.Buffer.Overflow
Description
This indicates an attack attempt to exploit a buffer-overflow vulnerability in Symantec Backup Exec for Windows.
The vulnerability is caused by an error that occurs when the vulnerable software handles a malicious "Save" method. It allows a remote attacker to execute arbitrary code via a crafted web page.
Affected Products
Symantec Backup Exec for Windows Servers 12.0
Symantec Backup Exec for Windows Servers 11d
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply patch, available from the web site:
Apply hotfix:
Symantec Backup Exec for Windows Servers 11d
Symantec be6235RHF31_32bit_300630.exe
http://support.veritas.com/docs/300630
Symantec be6235RHF31_x64bit_300631.exe
http://support.veritas.com/docs/300631
Symantec be7170RHF39_32bit_300627.exe
http://support.veritas.com/docs/300627
Symantec be7170RHF39_x64bit_300628.exe
http://support.veritas.com/docs/300628
Symantec Backup Exec for Windows Servers 12.0
Symantec be1364R300287_32bit_300632.exe
http://support.veritas.com/docs/300632
Symantec be1364R300287_x64bit_300633.exe
http://support.veritas.com/docs/300633
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |