CVE-2008-1472

Description

Stack-based buffer overflow in the ListCtrl ActiveX Control (ListCtrl.ocx), as used in multiple CA products including BrightStor ARCserve Backup R11.5, Desktop Management Suite r11.1 through r11.2, and Unicenter products r11.1 through r11.2, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long argument to the AddColumn method.

Software From Fixed in
computer_associates / desktop_management_suite r11.1-a r11.1-a.x
computer_associates / desktop_management_suite r11.1-c1 r11.1-c1.x
computer_associates / desktop_management_suite r11.1-ga r11.1-ga.x
computer_associates / desktop_management_suite r11.2 r11.2.x
unicenter / remote_control r11.1-a r11.1-a.x
unicenter / remote_control r11.1-c1 r11.1-c1.x
unicenter / remote_control r11.1-ga r11.1-ga.x
unicenter / remote_control r11.2 r11.2.x
unicenter / remote_control r11.2-a r11.2-a.x
unicenter / remote_control r11.2-c1 r11.2-c1.x
unicenter / desktop_management_bundle r11.1-a r11.1-a.x
unicenter / desktop_management_bundle r11.1-c1 r11.1-c1.x
unicenter / desktop_management_bundle r11.1-ga r11.1-ga.x
unicenter / desktop_management_bundle r11.2 r11.2.x
unicenter / desktop_management_bundle r11.2-a r11.2-a.x
unicenter / desktop_management_bundle r11.2-c1 r11.2-c1.x
unicenter / asset_management r11.1-a r11.1-a.x
unicenter / asset_management r11.1-c1 r11.1-c1.x
unicenter / asset_management r11.1-ga r11.1-ga.x
unicenter / asset_management r11.2 r11.2.x
unicenter / asset_management r11.2-a r11.2-a.x
unicenter / asset_management r11.2-c1 r11.2-c1.x
unicenter / software_delivery r11.1-a r11.1-a.x
unicenter / software_delivery r11.1-c1 r11.1-c1.x
unicenter / software_delivery r11.1-ga r11.1-ga.x
unicenter / software_delivery r11.2 r11.2.x
unicenter / software_delivery r11.2-a r11.2-a.x
unicenter / software_delivery r11.2-c1 r11.2-c1.x
computer_associates / brightstor_arcserve_backup_laptops_desktops 11.5 11.5.x
computer_associates / unicenter_dsm_r11_list_control_atx 11.2.3.1895 11.2.3.1895.x