CVE-2007-4620 : Multiple stack-based buffer overflows in Computer Associates (CA) Alert Notification Service (Alert.exe) 8.1.586.0, 8.0.

Multiple stack-based buffer overflows in Computer Associates (CA) Alert Notification Service (Alert.exe) 8.1.586.0, 8.0.450.0, and 7.1.758.0, as used in multiple CA products including Anti-Virus for the Enterprise 7.1 through r11.1 and Threat Manager for the Enterprise 8.1 and r8, allow remote authenticated users to execute arbitrary code via crafted RPC requests.

Published 2008-04-07 18:44:00

Updated 2021-04-07 18:14:17

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Exploit prediction scoring system (EPSS) score for CVE-2007-4620

Probability of exploitation activity in the next 30 days: 11.89%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 95 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2007-4620

Computer Associates Alert Notification Buffer Overflow

Disclosure Date: 2008-04-04

First seen: 2020-04-26

exploit/windows/brightstor/etrust_itm_alert

This module exploits a buffer overflow in Computer Associates Threat Manager for the Enterprise r8.1 By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code. In order to successfully exploit this vulnerability, you will

More information

CVSS scores for CVE-2007-4620

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
9.0	HIGH	AV:N/AC:L/Au:S/C:C/I:C/A:C	8.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2007-4620

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2007-4620

https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173103
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=679
http://www.securitytracker.com/id?1019789
http://community.ca.com/blogs/casecurityresponseblog/archive/2008/04/04/ca-alert-notification-server-multiple-vulnerabilities.aspx
http://securityreason.com/securityalert/3799
http://www.securityfocus.com/bid/28605

Computer Associates Alert Notification Server Multiple Remote Buffer Overflow Vulnerabilities
https://exchange.xforce.ibmcloud.com/vulnerabilities/41639
http://www.securityfocus.com/archive/1/490466/100/0/threaded
http://www.vupen.com/english/advisories/2008/1103/references
http://www.securitytracker.com/id?1019790

Products affected by CVE-2007-4620

CA » Brightstor Arcserve Backup » Version: 11 Windows Edition
cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*
Matching versions
CA » Threat Manager For The Enterprise » Version: R8
cpe:2.3:a:ca:threat_manager_for_the_enterprise:r8:*:*:*:*:*:*:*
Matching versions
CA » Threat Manager For The Enterprise » Version: R8.1
cpe:2.3:a:ca:threat_manager_for_the_enterprise:r8.1:*:*:*:*:*:*:*
Matching versions
Broadcom » Brightstor Arcserve Backup » Version: 11.1
cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
Matching versions
Broadcom » Brightstor Arcserve Backup » Version: 11.5
cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
Matching versions
Broadcom » Anti-virus For The Enterprise » Version: 8
cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8:*:*:*:*:*:*:*
Matching versions
Broadcom » Anti-virus For The Enterprise » Version: 8.1
cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8.1:*:*:*:*:*:*:*
Matching versions
Broadcom » Anti-virus For The Enterprise » Version: 7.1
cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:*:*:*:*:*:*:*
Matching versions