Unrated severityNVD Advisory· Published Dec 31, 2006· Updated Jun 16, 2026
CVE-2006-6917
CVE-2006-6917
Description
Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers to execute arbitrary code in the Tape Engine (tapeeng.exe) via a crafted RPC request with (1) opnum 38, which is not properly handled in TAPEUTIL.dll 11.5.3884.0, or (2) opnum 37, which is not properly handled in TAPEENG.dll 11.5.3884.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:broadcom:brightstor_arcserve_backup_server:11.5:*:*:*:*:*:*:*
- Range: <= R11.5 (before SP2)
Patches
Vulnerability mechanics
References
12- supportconnectw.ca.com/public/storage/infodocs/basbrtapeeng-secnotice.aspnvd
- www.lssec.com/advisories/LS-20060908.pdfnvd
- www.lssec.com/advisories/LS-20061001.pdfnvd
- www.securityfocus.com/archive/1/453930/30/390/threadednvd
- www.securityfocus.com/archive/1/453933/30/420/threadednvd
- www.securityfocus.com/archive/1/454088/30/0/threadednvd
- www.securityfocus.com/archive/1/454094/30/360/threadednvd
- www.securityfocus.com/archive/1/456428/100/0/threadednvd
- www.securityfocus.com/archive/1/456711nvd
- www3.ca.com/securityadvisor/newsinfo/collateral.aspxnvd
- www3.ca.com/securityadvisor/vulninfo/vuln.aspxnvd
- www.exploit-db.com/exploits/3086nvd
News mentions
0No linked articles in our index yet.