CVE-2007-4620

2008-04-0718:44:00

CWE-119

mitre

web.nvd.nist.gov

cve-2007-4620

computer associates

alert notification service

buffer overflow

remote code execution

rpc

security vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.212

Percentile

96.5%

JSON

Multiple stack-based buffer overflows in Computer Associates (CA) Alert Notification Service (Alert.exe) 8.1.586.0, 8.0.450.0, and 7.1.758.0, as used in multiple CA products including Anti-Virus for the Enterprise 7.1 through r11.1 and Threat Manager for the Enterprise 8.1 and r8, allow remote authenticated users to execute arbitrary code via crafted RPC requests.

Affected configurations

Nvd

Node

broadcomanti-virus_for_the_enterpriseMatch7.1

broadcomanti-virus_for_the_enterpriseMatch8

broadcomanti-virus_for_the_enterpriseMatch8.1

broadcombrightstor_arcserve_backupMatch11.1

broadcombrightstor_arcserve_backupMatch11.5

cabrightstor_arcserve_backupMatch11windows

cathreat_manager_for_the_enterpriseMatchr8

cathreat_manager_for_the_enterpriseMatchr8.1

VendorProductVersionCPE
broadcomanti-virus_for_the_enterprise7.1cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:*:*:*:*:*:*:*
broadcomanti-virus_for_the_enterprise8cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8:*:*:*:*:*:*:*
broadcomanti-virus_for_the_enterprise8.1cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8.1:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup11.1cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup11.5cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
cabrightstor_arcserve_backup11cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*
cathreat_manager_for_the_enterpriser8cpe:2.3:a:ca:threat_manager_for_the_enterprise:r8:*:*:*:*:*:*:*
cathreat_manager_for_the_enterpriser8.1cpe:2.3:a:ca:threat_manager_for_the_enterprise:r8.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
broadcom	anti-virus_for_the_enterprise	7.1	cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:::::::*
broadcom	anti-virus_for_the_enterprise	8	cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8:::::::*
broadcom	anti-virus_for_the_enterprise	8.1	cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8.1:::::::*
broadcom	brightstor_arcserve_backup	11.1	cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:::::::*
broadcom	brightstor_arcserve_backup	11.5	cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:::::::*
ca	brightstor_arcserve_backup	11	cpe:2.3:a:ca:brightstor_arcserve_backup:11::windows:::::
ca	threat_manager_for_the_enterprise	r8	cpe:2.3:a:ca:threat_manager_for_the_enterprise:r8:::::::*
ca	threat_manager_for_the_enterprise	r8.1	cpe:2.3:a:ca:threat_manager_for_the_enterprise:r8.1:::::::*