{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"BrightStor ARCserve Backup v9.01 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"CA Server Protection Suite r2 ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"BrightStor Enterprise Backup r10.5 ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}},{"description":"CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2 ;","product":{"name":"Small Business","vendor":{"name":"Cisco","scada":false}}},{"description":"BrightStor ARCserve Backup r11.5 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"BrightStor ARCserve Backup r11 for Windows ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2.","product":{"name":"Small Business","vendor":{"name":"Cisco","scada":false}}},{"description":"BrightStor ARCserve Backup r11.1 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"CA Business Protection Suite r2 ;","product":{"name":"N/A","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDeux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans BrightStor ARCserve Backup.\nElles affectent le service RPC du fichier mediasvr.exe. Un utilisateur\nmalintentionn\u00e9 peut, par le biais de paquets RPC sp\u00e9cifiquement con\u00e7us,\nex\u00e9cuter du code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2007-2139","url":"https://www.cve.org/CVERecord?id=CVE-2007-2139"},{"name":"CVE-2007-1785","url":"https://www.cve.org/CVERecord?id=CVE-2007-1785"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 ZDI-07-022 du 24 avril 2007 :","url":"http://www.zerodayinitiative.com/advisories/ZDI-07-022.html"}],"reference":"CERTA-2007-AVI-188","revisions":[{"description":"version initiale.","revision_date":"2007-04-25T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"Deux vuln\u00e9rabilit\u00e9s dans <span class=\"textit\">BrightStor ARCserve\nBackup</span> permettent l'ex\u00e9cution de code arbitraire \u00e0 distance.\n","title":"Vuln\u00e9rabilit\u00e9s dans BrightStor ARCserve Backup Media Server","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Computer Associates du 24 avril 2007","url":"http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp"}]}