A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Backup Exec System Recovery Manager. Authentication is not required to exploit this vulnerability.

http://www.securiteam.com/windowsntfocus/5IP0120NFY.html