CVE-2007-3302

2007-07-2600:30:00

mitre

web.nvd.nist.gov

callcode

activex control

caller.dll

remote attackers

dll

code execution

security vulnerability

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.941

Percentile

99.2%

JSON

The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before 3.0.5.81, in CA (formerly Computer Associates) eTrust Intrusion Detection allows remote attackers to load arbitrary DLLs on a client system, and execute code from these DLLs, via unspecified “scriptable functions.”

Affected configurations

Nvd

Node

broadcometrust_intrusion_detectionMatch3.0

caetrust_intrusion_detectionMatch3.0sp1

caetrust_intrusion_detectionMatch3.05.81

VendorProductVersionCPE
broadcometrust_intrusion_detection3.0cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:*
caetrust_intrusion_detection3.0cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:*
caetrust_intrusion_detection3.05.81cpe:2.3:a:ca:etrust_intrusion_detection:3.05.81:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
broadcom	etrust_intrusion_detection	3.0	cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:::::::*
ca	etrust_intrusion_detection	3.0	cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1::::::
ca	etrust_intrusion_detection	3.05.81	cpe:2.3:a:ca:etrust_intrusion_detection:3.05.81:::::::*