8.3 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.801 High
EPSS
Percentile
98.2%
Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors.
CPE | Name | Operator | Version |
---|---|---|---|
etrust_secure_content_manager | eq | 8.0 | |
database_server | eq | 3.0.3 |
labs.idefense.com/intelligence/vulnerabilities/display.php?id=546
osvdb.org/37487
osvdb.org/37488
secunia.com/advisories/25756
secunia.com/advisories/25775
supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp
www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778
www.securityfocus.com/bid/24585
www.securitytracker.com/id?1018278
www.vupen.com/english/advisories/2007/2288
www.vupen.com/english/advisories/2007/2290
exchange.xforce.ibmcloud.com/vulnerabilities/34991
exchange.xforce.ibmcloud.com/vulnerabilities/34992
exchange.xforce.ibmcloud.com/vulnerabilities/35002