Computer Security
[EN] no-pyccku

Computer Associates eTrust Intrusion Detection code execution
SecurityVulns ID:7976
Threat Level:
Description:CallCode ActiveX allows access to unsafe functions.
Affected:CA : eTrust Intrusion Detection 3.0
CVE:CVE-2007-3302 (The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before, in CA (formerly Computer Associates) eTrust Intrusion Detection allows remote attackers to load arbitrary DLLs on a client system, and execute code from these DLLs, via unspecified "scriptable functions.")
Original documentdocumentCA, [Full-disclosure] [CAID 35524]: CA eTrust Intrusion Detection caller.dll Vulnerability (25.07.2007)
 documentIDEFENSE, iDefense Security Advisory 07.24.07: Computer Associates eTrust Intrusion Detection CallCode ActiveX Control Code Execution Vulnerability (25.07.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod