Description
The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before 3.0.5.81, in CA (formerly Computer Associates) eTrust Intrusion Detection allows remote attackers to load arbitrary DLLs on a client system, and execute code from these DLLs, via unspecified "scriptable functions."
References (9)
Core 9
Core References
Patch x_refsource_confirm
http://supportconnectw.ca.com/public/etrust/etrust_intrusion/infodocs/eid-callervilnsecnot.asp
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25050
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/35565
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26134
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1018447
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/474599/100/0/threaded
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2640
Various Sources x_refsource_confirm
http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149811
Patch third-party-advisory
x_refsource_idefense
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=568
Scores
EPSS
0.2398
EPSS Percentile
96.1%
Details
Status
published
Products (3)
broadcom/etrust_intrusion_detection
3.0
ca/etrust_intrusion_detection
3.0 sp1
ca/etrust_intrusion_detection
3.05.81
Published
Jul 26, 2007
Tracked Since
Feb 18, 2026