Symantec has announced that "NGS Research identified multiple DCOM servers in VERITAS Storage Exec". There is no advisory posted at the NGS Research Advisory page as of this time. The Symantec Advisory says "Multiple VERITAS Storage Exec DCOM server components have been identified as susceptible to buffer overflows through calls to associated ActiveX controls." "Successful exploitation is highly dependent on user involvement for malicious code to gain initial access to the system."

Affected Product	Version
Build Storage Exec	5.3 Rev. 2190
Storage Central	5.2 Rev. 322

Older versions may be affected as well.