CVE-2007-3302 — Etrust Intrusion Detection vulnerability

3 documents3 sources

Severity

9.3CRITICALNVD

EPSS

24.0%

top 3.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom Etrust Intrusion Detection CA Etrust Intrusion Detection

Timeline

PublishedJul 26

Latest updateMay 1

Description

The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before 3.0.5.81, in CA (formerly Computer Associates) eTrust Intrusion Detection allows remote attackers to load arbitrary DLLs on a client system, and execute code from these DLLs, via unspecified "scriptable functions."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

▶NVDca/etrust_intrusion_detection3.0, 3.05.81+1

▶NVDbroadcom/etrust_intrusion_detection3.0

Patches

Patch: labs.idefense.com ↗Patch: secunia.com ↗Patch: supportconnectw.ca.com ↗

🔴Vulnerability Details

GHSA

GHSA-244f-56x7-fc34: The CallCode ActiveX control in caller↗2022-05-01

▶

CVEList

CVE-2007-3302: The CallCode ActiveX control in caller↗2007-07-26

▶