fkie_cve-2007-3334
Vulnerability from fkie_nvd
Published
2007-06-21 22:30
Modified
2024-11-21 00:32
Severity ?
Summary
Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors.
References
cve@mitre.orghttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546Patch
cve@mitre.orghttp://osvdb.org/37487
cve@mitre.orghttp://osvdb.org/37488
cve@mitre.orghttp://secunia.com/advisories/25756
cve@mitre.orghttp://secunia.com/advisories/25775
cve@mitre.orghttp://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp
cve@mitre.orghttp://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778
cve@mitre.orghttp://www.securityfocus.com/bid/24585
cve@mitre.orghttp://www.securitytracker.com/id?1018278
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/2288
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/2290
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/34991
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/34992
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/35002
af854a3a-2127-422b-91ae-364da2661108http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546Patch
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/37487
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/37488
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25756
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25775
af854a3a-2127-422b-91ae-364da2661108http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp
af854a3a-2127-422b-91ae-364da2661108http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/24585
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1018278
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2288
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2290
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/34991
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/34992
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/35002
Impacted products
Vendor Product Version
microsoft all_windows *
ca etrust_secure_content_manager 8.0
ingres database_server 3.0.3


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AB4B29F-4C60-48A0-8F58-BCBDC58B697E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB54A16-5E56-46FC-A49C-56C98C0B8F1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ingres:database_server:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B836C674-BF4F-4D60-AA33-D778B712D3A3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer basados en mont\u00edculo en los componentes (1) Communications Server (iigcc.exe) y (2) Data Access Server (iigcd.exe) para el Ingres Database Server 3.0.3, como el utilizado en los productos del CA (Computer Associates) incluyendo el eTrust Secure Content Manager r8 bajo Windows, permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores sin especificar."
    }
  ],
  "id": "CVE-2007-3334",
  "lastModified": "2024-11-21T00:32:58.790",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-06-21T22:30:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/37487"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/37488"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/25756"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/25775"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/24585"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018278"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2288"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2290"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/37487"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/37488"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25775"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/24585"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018278"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2288"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2290"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.