ArcServeのListCtrlのActiveXでバッファオーバフローの脆弱性が存在するそうです。

The vulnerability is caused due to a boundary error in the "AddColumn()" method within the "ListCtrl" ActiveX control (ListCtrl.ocx), which can be exploited to cause a stack-based buffer overflow via an overly long argument passed to the affected method.
Successful exploitation allows execution of arbitrary code e.g. when a user visits a malicious web page.
The vulnerability is reported in version r11.5. Other versions may also be affected.

関連URL

• CAのバックアップソフトにゼロデイの脆弱性 - ITmedia エンタープライズ