Symantec Backup Exec Job Engine Multiple Integer Overflow Vulnerabilities

Symantec Backup Exec Job Engine Multiple Integer Overflow Vulnerabilities

Symantec Backup Exec is prone to two remote integer-overflow vulnerabilities because it fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit these issues to cause an infinite loop that will exhaust memory or consume excessive CPU resources. Successful attacks will cause denial-of-service conditions.

Symantec Backup Exec for Windows Server 11.0.6235 and 11.0.7170 are vulnerable.