Back to search
CVE-2008-1472
Published: Mar 24, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Stack-based buffer overflow in the ListCtrl ActiveX Control (ListCtrl.ocx), as used in multiple CA products including BrightStor ARCserve Backup R11.5, Desktop Management Suite r11.1 through r11.2, and Unicenter products r11.1 through r11.2, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long argument to the AddColumn method.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
28268
vdb-entry
x_refsource_BID
ADV-2008-0902
vdb-entry
x_refsource_VUPEN
29408
third-party-advisory
x_refsource_SECUNIA
5264
exploit
x_refsource_EXPLOIT-DB
ca-arcserve-listctrl-bo(41225)
vdb-entry
x_refsource_XF
20080320 Note about recently publicized CA BrightStor ActiveX exploit code
mailing-list
x_refsource_BUGTRAQ
1019617
vdb-entry
x_refsource_SECTRACK
20080328 CA Multiple Products DSM ListCtrl ActiveX Control Buffer Overflow Vulnerability
mailing-list
x_refsource_BUGTRAQ
http://community.ca.com/blogs/casecurityresponseblog/archive/2008/3/28.aspx
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now