Intrusion Prevention

Symantec.Backup.Exec.Scheduler.ActiveX.Stack.Buffer.Overflow

Description

This indicates an attack attempt to exploit a Buffer Overflow vulnerability in Symantec Backup Exec for Windows.
The vulnerability is caused by an error that occurs when the vulnerable software handles a malicious "Save" method. It allows a remote attacker to execute arbitrary code via a crafted web page.

Affected Products

Symantec Backup Exec for Windows Servers 12.0
Symantec Backup Exec for Windows Servers 11d

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch, available from the web site:
http://seer.entsupport.symantec.com/docs/300471.htm
Apply hotfix:
Symantec Backup Exec for Windows Servers 11d
Symantec be6235RHF31_32bit_300630.exe
http://support.veritas.com/docs/300630
Symantec be6235RHF31_x64bit_300631.exe
http://support.veritas.com/docs/300631
Symantec be7170RHF39_32bit_300627.exe
http://support.veritas.com/docs/300627
Symantec be7170RHF39_x64bit_300628.exe
http://support.veritas.com/docs/300628
Symantec Backup Exec for Windows Servers 12.0
Symantec be1364R300287_32bit_300632.exe
http://support.veritas.com/docs/300632
Symantec be1364R300287_x64bit_300633.exe
http://support.veritas.com/docs/300633

CVE References

CVE-2007-6017 CVE-2007-6016