Security Notice for eTrust Intrusion Detection caller.dll vulnerability

Last Updated: July 25, 2007

CA's customer support is alerting customers to a security risk in eTrust Intrusion Detection. A vulnerability exists that can allow a remote attacker to execute arbitrary code. CA has issued updates to address the vulnerabilities.

The vulnerability, CVE-2007-3302, is due to the caller.dll ActiveX control being marked safe for scripting. An attacker who can lure a user into visiting a malicious website can potentially gain complete control of an affected installation.

Risk Rating


Affected Products

eTrust Intrusion Detection 3.0
eTrust Intrusion Detection 3.0 SP1

How to determine if the installation is affected

For Windows:

  1. Using Windows Explorer, locate the file "caller.dll". By default, the file is located in the "C:\Program Files\CA\eTrust Intrusion Detection\Common" directory.

  2. Right click on the file and select Properties.

  3. For eTrust Intrusion Detection 3.0 SP1, select the Version tab, or, for eTrust Intrusion Detection 3.0, select the General tab.

  4. If the file version or date is earlier than indicated in the table below, the installation is vulnerable.
File Release File Version File Date, Size
caller.dll 3.0 NA 7/13/2007, 32768 bytes
caller.dll 3.0 SP1 NA


CA has provided an update to address the vulnerabilities.

eTrust Intrusion Detection 3.0:

Apply QO89893.

eTrust Intrusion Detection 3.0 SP1:

Apply QO89881.


As a workaround solution, set the kill bit on the caller.dll ActiveX control.

Note: Before proceeding, review the following Microsoft knowledge base article on disabling ActiveX controls:

  1. Using the registry editor, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{41266C21-18D8-414B-88C0-8DCA6C25CEA0}. If the key does not exist, create it.

  2. Create a DWORD value named "Compatibility Flags" with a value data of 0x00000400.

  3. Restart Internet Explorer.
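
The workaround steps above as a PowerShell script, added here as an example and not part of CA's advisory: it reads the current "Compatibility Flags" value for the CLSID, ORs in 0x00000400 so any flag bits already present are kept, and reports the resulting state. The Wow6432Node key (the registry view 32-bit Internet Explorer reads on 64-bit Windows) is an addition not listed in the advisory, and the function names are hypothetical; run it from an elevated prompt.

```powershell
# Added example, not CA's code. CLSID and flag value are the ones given in the workaround steps.
$Clsid   = '{41266C21-18D8-414B-88C0-8DCA6C25CEA0}'
$KillBit = 0x00000400
$Name    = 'Compatibility Flags'

# Native registry view, plus the 32-bit view used by 32-bit Internet Explorer on
# 64-bit Windows (assumption added here; the advisory lists only the first key).
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

# Hypothetical helper: report whether the kill bit is present under one root.
function Get-KillBitState {
    param([string]$Root)
    $key = Join-Path $Root $Clsid
    $current = 0
    if (Test-Path -LiteralPath $key) {
        $prop = Get-ItemProperty -LiteralPath $key -Name $Name -ErrorAction SilentlyContinue
        if ($null -ne $prop) { $current = [int]$prop.$Name }
    }
    [pscustomobject]@{
        Key    = $key
        Flags  = '0x{0:X8}' -f $current
        Killed = (($current -band $KillBit) -eq $KillBit)
    }
}

# Hypothetical helper: create the key if needed and set the kill bit.
function Set-KillBit {
    param([string]$Root)
    $key = Join-Path $Root $Clsid
    if (-not (Test-Path -LiteralPath $key)) { New-Item -Path $key -Force | Out-Null }
    $prop = Get-ItemProperty -LiteralPath $key -Name $Name -ErrorAction SilentlyContinue
    $current = if ($null -ne $prop) { [int]$prop.$Name } else { 0 }
    # OR the bit in so flags already stored in the value are preserved.
    New-ItemProperty -Path $key -Name $Name -PropertyType DWord `
        -Value ($current -bor $KillBit) -Force | Out-Null
}

foreach ($root in $Roots) {
    if (-not (Test-Path -LiteralPath $root)) { continue }   # view absent, e.g. 32-bit OS
    if (-not (Get-KillBitState $root).Killed) { Set-KillBit $root }
    Get-KillBitState $root    # emit the state after the change for the audit record
}
```

Each output row should show Killed as True; Internet Explorer still needs to be restarted afterwards, as in step 3.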


CVE-2007-3302 eTrust Intrusion Detection caller.dll ActiveX control


CVE-2007-3302 - Sebastian Apelt working with the iDefense VCP.

Change History

Version 1.0: Initial Release

If additional information is required, please contact CA Technical Support at

If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form at