9.3

CVE-2007-3302

The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before 3.0.5.81, in CA (formerly Computer Associates) eTrust Intrusion Detection allows remote attackers to load arbitrary DLLs on a client system, and execute code from these DLLs, via unspecified "scriptable functions."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CaEtrust Intrusion Detection Version3.0 Updatesp1
CaEtrust Intrusion Detection Version3.05.81
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.79% 0.953
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=568
Patch
http://secunia.com/advisories/26134
Patch
Vendor Advisory
http://supportconnectw.ca.com/public/etrust/etrust_intrusion/infodocs/eid-callervilnsecnot.asp
Patch
http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149811
http://www.securityfocus.com/archive/1/474599/100/0/threaded
http://www.securityfocus.com/bid/25050
Patch
http://www.securitytracker.com/id?1018447
http://www.vupen.com/english/advisories/2007/2640
https://exchange.xforce.ibmcloud.com/vulnerabilities/35565