LGSERVER.EXE in BrightStor ARCserve Backup for Laptops & Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read.
2007-02-03T01:28:00.000
2025-04-09T00:30:58.490
Deferred
CVSSv2: 7.8 (HIGH)
AV:N/AC:L/Au:N/C:N/I:N/A:C
10.0
6.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | broadcom | brightstor_arcserve_backup_laptops_desktops | 11.0 | Yes |
| Application | broadcom | brightstor_arcserve_backup_laptops_desktops | 11.1 | Yes |
| Application | broadcom | brightstor_arcserve_backup_laptops_desktops | 11.1 | Yes |
| Application | broadcom | business_protection_suite | 2.0 | Yes |
| Application | broadcom | desktop_management_suite | 11.0 | Yes |
| Application | broadcom | desktop_management_suite | 11.1 | Yes |
| Application | broadcom | desktop_protection_suite | 2.0 | Yes |
| Application | ca | business_protection_suite | 2.0 | Yes |
| Application | ca | business_protection_suite | 2.0 | Yes |