virus logo Intrusion Prevention

Symantec.Backup.Exec.Scheduler.ActiveX.Buffer.Overflow

description-logoDescription

This indicates an attack attempt to exploit a buffer-overflow vulnerability in Symantec Backup Exec for Windows.
The vulnerability is caused by an error that occurs when the vulnerable software handles a malicious "Save" method. It allows a remote attacker to execute arbitrary code via a crafted web page.

affected-products-logoAffected Products

Symantec Backup Exec for Windows Servers 12.0
Symantec Backup Exec for Windows Servers 11d

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply patch, available from the web site:
Apply hotfix:
Symantec Backup Exec for Windows Servers 11d
Symantec be6235RHF31_32bit_300630.exe
http://support.veritas.com/docs/300630
Symantec be6235RHF31_x64bit_300631.exe
http://support.veritas.com/docs/300631
Symantec be7170RHF39_32bit_300627.exe
http://support.veritas.com/docs/300627
Symantec be7170RHF39_x64bit_300628.exe
http://support.veritas.com/docs/300628
Symantec Backup Exec for Windows Servers 12.0
Symantec be1364R300287_32bit_300632.exe
http://support.veritas.com/docs/300632
Symantec be1364R300287_x64bit_300633.exe
http://support.veritas.com/docs/300633

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

http://secunia.com/advisories/27885/german/
ID 15455
Created Mar 04, 2008
Updated Nov 08, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2007-6017 CVE-2007-6016
Exploit Prediction Score 95.79%
Default Action drop
Active
Affected OS Windows
Affected App Other