[Forgot Password]
Login  Register Subscribe

23631

 
 

117687

 
 

98218

 
 

909

 
 

79198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-4620

Date: (C)2008-04-07   (M)2017-08-01 


Multiple stack-based buffer overflows in Computer Associates (CA) Alert Notification Service (Alert.exe) 8.1.586.0, 8.0.450.0, and 7.1.758.0, as used in multiple CA products including Anti-Virus for the Enterprise 7.1 through r11.1 and Threat Manager for the Enterprise 8.1 and r8, allow remote authenticated users to execute arbitrary code via crafted RPC requests.

CVSS Score: 9.0Access Vector: NETWORK
Exploit Score: 8.0Access Complexity: LOW
Impact Score: 10.0Authentication: SINGLE_INSTANCE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
SECTRACK-1019789
SECTRACK-1019790
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=679
http://www.securityfocus.com/archive/1/archive/1/490466/100/0/threaded
BID-28605
SECUNIA-29665
SREASON-3799
ADV-2008-1103
ca-alertnotificationserver-bo(41639)
http://community.ca.com/blogs/casecurityresponseblog/archive/2008/04/04/ca-alert-notification-server-multiple-vulnerabilities.aspx
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173103

CPE    5
cpe:/a:ca:anti-virus_for_the_enterprise:8
cpe:/a:ca:anti-virus_for_the_enterprise:8.1
cpe:/a:ca:anti-virus_for_the_enterprise:7.1
cpe:/a:ca:brightstor_arcserve_backup:11.1
...
CWE    1
CWE-119

© 2013 SecPod Technologies