// For flags

CVE-2007-4620

Computer Associates - Alert Notification Buffer Overflow

Severity Score

9.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Multiple stack-based buffer overflows in Computer Associates (CA) Alert Notification Service (Alert.exe) 8.1.586.0, 8.0.450.0, and 7.1.758.0, as used in multiple CA products including Anti-Virus for the Enterprise 7.1 through r11.1 and Threat Manager for the Enterprise 8.1 and r8, allow remote authenticated users to execute arbitrary code via crafted RPC requests.

Múltiples desbordamientos de buffer basados en pila del servicio Computer Associates (CA) Alert Notification Service (Alert.exe) 8.1.586.0, 8.0.450.0 y 7.1.758.0, usado en varios productos CA incluyendo Anti-Virus para la versión Enterprise 7.1 a la r11.1 y Threat Manager para la versión Enterprise 8.1 y r8, permiten a usuarios autenticados ejecutar código de su elección mediante peticiones RPC manipuladas.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-08-30 CVE Reserved
  • 2008-04-04 CVE Published
  • 2010-04-30 First Exploit
  • 2024-08-07 CVE Updated
  • 2024-10-18 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Broadcom
Search vendor "Broadcom"
 Anti-virus For The Enterprise
Search vendor "Broadcom" for product "Anti-virus For The Enterprise"
 7.1
Search vendor "Broadcom" for product "Anti-virus For The Enterprise" and version "7.1"
-
Affected
Broadcom
Search vendor "Broadcom"
 Anti-virus For The Enterprise
Search vendor "Broadcom" for product "Anti-virus For The Enterprise"
 8
Search vendor "Broadcom" for product "Anti-virus For The Enterprise" and version "8"
-
Affected
Broadcom
Search vendor "Broadcom"
 Anti-virus For The Enterprise
Search vendor "Broadcom" for product "Anti-virus For The Enterprise"
 8.1
Search vendor "Broadcom" for product "Anti-virus For The Enterprise" and version "8.1"
-
Affected
Broadcom
Search vendor "Broadcom"
 Brightstor Arcserve Backup
Search vendor "Broadcom" for product "Brightstor Arcserve Backup"
 11.1
Search vendor "Broadcom" for product "Brightstor Arcserve Backup" and version "11.1"
-
Affected
Broadcom
Search vendor "Broadcom"
 Brightstor Arcserve Backup
Search vendor "Broadcom" for product "Brightstor Arcserve Backup"
 11.5
Search vendor "Broadcom" for product "Brightstor Arcserve Backup" and version "11.5"
-
Affected
Ca
Search vendor "Ca"
 Brightstor Arcserve Backup
Search vendor "Ca" for product "Brightstor Arcserve Backup"
 11
Search vendor "Ca" for product "Brightstor Arcserve Backup" and version "11"
windows
Affected
Ca
Search vendor "Ca"
 Threat Manager For The Enterprise
Search vendor "Ca" for product "Threat Manager For The Enterprise"
 r8
Search vendor "Ca" for product "Threat Manager For The Enterprise" and version "r8"
-
Affected
Ca
Search vendor "Ca"
 Threat Manager For The Enterprise
Search vendor "Ca" for product "Threat Manager For The Enterprise"
 r8.1
Search vendor "Ca" for product "Threat Manager For The Enterprise" and version "r8.1"
-
Affected