Symantec closes holes in Backup Exec for Windows Server
Symantec has released a hotfix to resolve several vulnerabilities in its Backup Exec for Windows Server. According to the advisory, a scheduler or calendar included in the installation incorporates an ActiveX control (pvcalendar.ocx). This control is vulnerable to buffer overflows that can be exploited to inject and execute arbitrary code. The control also contains an unsafe method which allows files to be overwritten or created anywhere on the system.
For a successful attack, a victim has to use Internet Explorer to visit a specially crafted web page. Since the vulnerable systems are servers, Symantec classifies the risk of exploitation as low – assuming that administrators don't normally use servers to browse the web.
The affected versions are:
- Symantec Backup Exec for Windows Server 11d build 11.0.6235
- Symantec Backup Exec for Windows Server 11d build 11.0.7170
- Symantec Backup Exec for Windows Server 12.0 build 12.0.1364
See also:
- Symantec’s Backup Exec for Windows Server: Multiple Vulnerabilities in Scheduler, Symantec security advisory
- Symantec Backup Exec Calendar Control Multiple Vulnerabilities, Secunia advisory