CVE-2007-3302

CVSS 9.3 - CRITICAL (CVSS v2 base vector AV:N/AC:M/Au:N/C:C/I:C/A:C)
Attack vector: NETWORK
Attack complexity: MEDIUM
Privileges required: NONE
Confidentiality impact: COMPLETE
Integrity impact: COMPLETE
Availability impact: COMPLETE

Tags: network, broadcom, ca, critical

Summary

The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before 3.0.5.81, in CA (formerly Computer Associates) eTrust Intrusion Detection allows remote attackers to load arbitrary DLLs on a client system, and execute code from these DLLs, via unspecified "scriptable functions."

Vulnerable Configurations

Part         Description   Count
Application  Broadcom      1
Application  Ca            2

Saint

bid: 25050
description: CA eTrust Intrusion Detection CallCode ActiveX vulnerability
id: misc_av_caetrustcaller
osvdb: 37698
title: ca_etrust_id_callcode
type: client

Seebug

bulletinFamily: exploit
description:
BUGTRAQ ID: 25050
CVE(CAN) ID: CVE-2007-3302

CA's eTrust Intrusion Detection is a network-based intrusion detection system.

The ActiveX control shipped with eTrust Intrusion Detection has an implementation flaw that a remote attacker can exploit to take control of the user's system.

Installing eTrust Intrusion Detection registers the following ActiveX control:

File: Caller.dll
CLSID: 41266C21-18D8-414B-88C0-8DCA6C25CEA0

Several functions in this control let a malicious web page load an arbitrary DLL and call its exports with attacker-controlled arguments, so an attacker can execute arbitrary code with the privileges of the logged-on user.

Affected versions:
Computer Associates eTrust Intrusion Detection 3.0 SP1
Computer Associates eTrust Intrusion Detection 3.0

Temporary workaround (set the Internet Explorer "kill bit" for the control):
1. With the registry editor, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{41266C21-18D8-414B-88C0-8DCA6C25CEA0}. If the key does not exist, create it.
2. Create a DWORD value named Compatibility Flags and set it to 0x00000400.
3. Restart Internet Explorer.

Vendor patch:
Computer Associates
The vendor has released patches that fix this issue; download them from the vendor's site:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO89893
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO89881
id: SSV:2039
last seen: 2017-11-19
modified: 2007-07-26
published: 2007-07-26
reporter: Root
title: CA eTrust Intrusion Detection Caller.dll Control Remote Code Execution Vulnerability
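The three-step registry workaround in the Seebug entry above, as an added PowerShell example; this is not code from the advisory, from Seebug or from CA. It sets the Compatibility Flags kill bit for the advisory's CLSID without clobbering any flags already present, then reads the value back to confirm it, and finally reports whether Caller.dll is registered on the host at all. Two assumptions are labelled in the code: that it runs elevated (the keys live under HKEY_LOCAL_MACHINE), and that on 64-bit Windows the 32-bit Internet Explorer process reads the Wow6432Node copy of the ActiveX Compatibility key, so the script sets the bit in both views where they exist.

```powershell
# Added example, not vendor or advisory code. Run from an elevated PowerShell
# prompt (assumption: HKLM writes require administrator rights).
$Clsid   = '{41266C21-18D8-414B-88C0-8DCA6C25CEA0}'   # CLSID from the advisory
$KillBit = 0x00000400                                  # Compatibility Flags kill bit from the advisory

# Assumption: on 64-bit Windows the 32-bit browser reads the Wow6432Node view, so
# both paths are handled; on 32-bit Windows the second path is simply absent.
$BasePaths = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Set-ActiveXKillBit {
    param([string]$ClsidKey, [string]$Base)

    if (-not (Test-Path -LiteralPath $Base)) { return $false }   # registry view not present
    $Key = Join-Path $Base $ClsidKey
    if (-not (Test-Path -LiteralPath $Key)) {
        New-Item -Path $Key -Force | Out-Null              # step 1: create the CLSID key if missing
    }
    # Step 2: OR the kill bit into whatever flags are already set rather than overwriting them.
    $Existing = (Get-ItemProperty -LiteralPath $Key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
    $NewValue = [int]$Existing -bor $KillBit
    Set-ItemProperty -LiteralPath $Key -Name 'Compatibility Flags' -Value $NewValue -Type DWord
    return $true
}

function Test-ActiveXKillBit {
    param([string]$ClsidKey, [string]$Base)

    $Key = Join-Path $Base $ClsidKey
    if (-not (Test-Path -LiteralPath $Key)) { return $false }
    $Flags = (Get-ItemProperty -LiteralPath $Key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
    return (([int]$Flags -band $KillBit) -eq $KillBit)
}

foreach ($Base in $BasePaths) {
    if (Set-ActiveXKillBit -ClsidKey $Clsid -Base $Base) {
        $Ok = Test-ActiveXKillBit -ClsidKey $Clsid -Base $Base
        Write-Host ("{0}\{1}: kill bit {2}" -f $Base, $Clsid, $(if ($Ok) { 'set' } else { 'NOT set' }))
    }
}

# Informational: is the vulnerable control registered on this host? The kill bit is
# harmless if it is not. HKCR is not a default drive, so use the provider path.
$RegKey = "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid"
if (Test-Path -LiteralPath $RegKey) {
    $Server = (Get-ItemProperty -LiteralPath "$RegKey\InprocServer32" -ErrorAction SilentlyContinue).'(default)'
    Write-Host "Control is registered; InprocServer32 = $Server"
} else {
    Write-Host "Control is not registered on this host"
}

# Step 3 of the workaround: close and restart Internet Explorer so it re-reads the key.
```

The kill bit only stops Internet Explorer from instantiating the control; it does not remove Caller.dll, and the vendor patch linked above is still the real fix. Re-running the script is safe, since the bitwise OR leaves an already-set flag unchanged.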