Vulnerability Details : CVE-2007-4620
Public exploit exists!
Multiple stack-based buffer overflows in Computer Associates (CA) Alert Notification Service (Alert.exe) 8.1.586.0, 8.0.450.0, and 7.1.758.0, as used in multiple CA products including Anti-Virus for the Enterprise 7.1 through r11.1 and Threat Manager for the Enterprise 8.1 and r8, allow remote authenticated users to execute arbitrary code via crafted RPC requests.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2007-4620
Probability of exploitation activity in the next 30 days: 10.46%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 95 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2007-4620
-
Computer Associates Alert Notification Buffer Overflow
Disclosure Date: 2008-04-04First seen: 2020-04-26exploit/windows/brightstor/etrust_itm_alertThis module exploits a buffer overflow in Computer Associates Threat Manager for the Enterprise r8.1 By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code. In order to successfully exploit this vulnerability, you will
CVSS scores for CVE-2007-4620
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
9.0
|
HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:C |
8.0
|
10.0
|
NIST |
CWE ids for CVE-2007-4620
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2007-4620
-
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173103
-
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=679
-
http://www.securitytracker.com/id?1019789
-
http://community.ca.com/blogs/casecurityresponseblog/archive/2008/04/04/ca-alert-notification-server-multiple-vulnerabilities.aspx
-
http://securityreason.com/securityalert/3799
-
http://www.securityfocus.com/bid/28605
Computer Associates Alert Notification Server Multiple Remote Buffer Overflow Vulnerabilities
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/41639
-
http://www.securityfocus.com/archive/1/490466/100/0/threaded
-
http://www.vupen.com/english/advisories/2008/1103/references
-
http://www.securitytracker.com/id?1019790
Products affected by CVE-2007-4620
- cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*
- cpe:2.3:a:ca:threat_manager_for_the_enterprise:r8:*:*:*:*:*:*:*
- cpe:2.3:a:ca:threat_manager_for_the_enterprise:r8.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:*:*:*:*:*:*:*