CVE-2007-4620

Name of the Vulnerable Software and Affected Versions CA Alert Notification Service versions 7.1.758.0, 8.0.450.0, 8.1.586.0 CA Anti-Virus for the Enterprise versions 7.1 through r11.1 CA Threat Manager for the Enterprise versions 8.1 and r8

Description The issue is related to multiple stack-based buffer overflows in the CA Alert Notification Service, which can be exploited by remote authenticated users. This can be achieved via crafted RPC requests, allowing the execution of arbitrary code.

Recommendations For CA Alert Notification Service versions 7.1.758.0, 8.0.450.0, and 8.1.586.0, update to a version that is not affected by this issue. For CA Anti-Virus for the Enterprise versions 7.1 through r11.1, update to a version that is not affected by this issue. For CA Threat Manager for the Enterprise versions 8.1 and r8, update to a version that is not affected by this issue. As a temporary workaround, consider restricting access to the RPC service until a patch is available.