CVE-2007-4620

CA Alert Notification Service <8.1.586.0 - RCE

Title source: llm

Description

Multiple stack-based buffer overflows in Computer Associates (CA) Alert Notification Service (Alert.exe) 8.1.586.0, 8.0.450.0, and 7.1.758.0, as used in multiple CA products including Anti-Virus for the Enterprise 7.1 through r11.1 and Threat Manager for the Enterprise 8.1 and r8, allow remote authenticated users to execute arbitrary code via crafted RPC requests.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16410
metasploit WORKING POC NORMAL
by MC · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/brightstor/etrust_itm_alert.rb

References (11)

Scores

EPSS 0.7581
EPSS Percentile 98.9%

Details

CWE
CWE-119
Status published
Products (8)
broadcom/anti-virus_for_the_enterprise 7.1
broadcom/anti-virus_for_the_enterprise 8
broadcom/anti-virus_for_the_enterprise 8.1
broadcom/brightstor_arcserve_backup 11.1
broadcom/brightstor_arcserve_backup 11.5
ca/brightstor_arcserve_backup 11
ca/threat_manager_for_the_enterprise r8
ca/threat_manager_for_the_enterprise r8.1
Published Apr 07, 2008
Tracked Since Feb 18, 2026