Added: 08/09/2007
CVE: CVE-2007-3302
BID: 25050
OSVDB: 37698
CA eTrust Intrusion Detection includes the CallCode (**Caller.dll**
) ActiveX control.
The CallCode ActiveX control is incorrectly marked safe for scripting. This ActiveX control contains scriptable functions which, if a user loads an attackerβs web page, could be used to load arbitrary DLLs and execute the code contained within.
Apply update QO89893 for eTrust Intrusion Detection 3.0 or QO89881 for eTrust Intrusion Detection 3.0 SP1.
<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=568>
<http://supportconnectw.ca.com/public/etrust/etrust_intrusion/infodocs/eid-callervilnsecnot.asp>
Exploit works on CA eTrust Intrusion Detection 3.0 SP1 and requires a user to load the exploit page into Internet Explorer.
In order for this exploit to succeed, the SAINTexploit host must be able to bind to port 69/UDP, and the target host must have access to it.
Windows