Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
Severity: High
This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.Description
This signature detects an attempt to exploit a vulnerability caused by passing specially crafted values to parameters of a Symantec BackupExec ActiveX control.Additional Information
Vulnerabilities were reported in an ActiveX control that Symantec's Backup Exec for Windows Server (BEWS) installs with its scheduler. Exploitation of these issues could possibly lead to unauthorized information disclosure, system information corruption or potentially allow arbitrary code execution in the context of the user's browser.Affected
- Symantec Backup Exec for Windows Server 11d (11.0.6235)
- Symantec Backup Exec for Windows Server 11d (11.0.7170)
- Symantec Backup Exec for Windows Server 12.0 (12.0.1364)
Response
Symantec has released hotfixes to handle this vulnerability.The patches for affected products are available from the following location:
http://support.veritas.com/docs/300471