Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4347


Vulnerability Score 7.8 7.8
CVE Id CVE-2007-4347
Last Modified 07 Mar 2011 09:58:24
Published 29 Nov 2007 06:46:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Multiple integer overflows in the Job Engine (bengine.exe) service in Symantec Backup Exec for Windows Servers (BEWS) 11d build 11.0.7170 and allow remote attackers to cause a denial of service (CPU and memory consumption) via a crafted packet to port 5633/tcp, which triggers an infinite loop.

Vulnerable Systems


  • Symantec Backupexec System Recovery 11.0.6235

  • Symantec Backupexec System Recovery 11.0.7170


BID - 26029


SECUNIA - 26975

VUPEN - ADV-2007-4019

SECTRACK - 1019001


XF - backupexec-bengine-dos(38677)

BUGTRAQ - 20071128 SYM07-029 Symantec BEWS Multiple DoS in Job Engine

BUGTRAQ - 20071128 Secunia Research: Symantec Backup Exec Job Engine Denial of Service

Last Updated: 27 May 2016 10:45:50