Vulnerability Details CVE-2007-3302
The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before 3.0.5.81, in CA (formerly Computer Associates) eTrust Intrusion Detection allows remote attackers to load arbitrary DLLs on a client system, and execute code from these DLLs, via unspecified "scriptable functions."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.212
EPSS Ranking 95.3%
CVSS Severity
CVSS v2 Score 9.3
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=568
- http://secunia.com/advisories/26134
- http://supportconnectw.ca.com/public/etrust/etrust_intrusion/infodocs/eid-callervilnsecnot.asp
- http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149811
- http://www.securityfocus.com/archive/1/474599/100/0/threaded
- http://www.securityfocus.com/bid/25050
- http://www.securitytracker.com/id?1018447
- http://www.vupen.com/english/advisories/2007/2640
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35565
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=568
- http://secunia.com/advisories/26134
- http://supportconnectw.ca.com/public/etrust/etrust_intrusion/infodocs/eid-callervilnsecnot.asp
- http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149811
- http://www.securityfocus.com/archive/1/474599/100/0/threaded
- http://www.securityfocus.com/bid/25050
- http://www.securitytracker.com/id?1018447
- http://www.vupen.com/english/advisories/2007/2640
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35565
Products affected by CVE-2007-3302
-
cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0
-
cpe:2.3:a:ca:etrust_intrusion_detection:3.0
-
cpe:2.3:a:ca:etrust_intrusion_detection:3.05.81