|
|
| |
Credit:
The information has been provided by iDefense Labs Security Advisories.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=568
|
| |
Vulnerable Systems:
* CA eTrust Intrusion Detection version 3.0.5 on Windows (caller.dll 3.0.5.55)
When eTrust Intrusion Detection is installed it registers the following ActiveX control as safe for scripting:
File: Caller.dll
Clsid: 41266C21-18D8-414B-88C0-8DCA6C25CEA0
This control contains a series of scriptable functions which allow malicious web pages to load arbitrary DLLs and call their exports with controlled parameters.
Analysis:
Exploitation allows an attacker to execute code with the privileges of the currently logged on user. The user would have to be lured into visiting a malicious web page.
Workaround"
Setting the kill-bit for this control will prevent it from being loaded within Internet Explorer.
Vendor response:
Computer Associates has addressed this vulnerability by releasing an update. More information can be found from their advisory at the following URL: http://supportconnectw.ca.com/public/etrust/etrust_intrusion/infodocs/eid-callervilnsecnot.asp
CVE Information:
CVE-2007-3302
Disclosure timeline:
06/20/2007 - Initial vendor notification
06/20/2007 - Initial vendor response
07/24/2007 - Coordinated public disclosure
|
|
|
