eTrust Intrusion Detection contains a vulnerability associated with the caller.dll ActiveX control. The vulnerability is due to the caller.dll ActiveX control being marked safe for scripting. An attacker, who can lure a user into visiting a malicious website, can potentially gain complete control of an affected installation.
bf7652ef856974e523274a458f8762421906e746b5daddbe7db3072d50c9cec1
iDefense Security Advisory 07.24.07 - Remote exploitation of a design error vulnerability in Computer Associates International Inc.'s (CA) eTrust Intrusion Detection allows attackers to execute arbitrary code. iDefense has confirmed that CA eTrust Intrusion Detection version 3.0.5 on Windows is vulnerable. The file version of caller.dll tested was 3.0.5.55.
dd433f38cbabc80db9006ffd84b9047b05a53fde7911950b55cdcb6f78112bb8