Lucene search
+L

32 matches found

nvd
nvd
added 2007/06/22 6:30 p.m.20 views

CVE-2007-3338

Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA Computer Associates products, allow remote attackers to execute arbitrary code via the 1 uuidfromchar or 2 duvegetargs functions...

10CVSS7.7AI score0.06673EPSS
Exploits8References14
prion
prion
added 2007/06/22 6:30 p.m.23 views

Stack overflow

Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA Computer Associates products, allow remote attackers to execute arbitrary code via the 1 uuidfromchar or 2 duvegetargs functions...

10CVSS8.3AI score0.06673EPSS
Exploits8References14Affected Software1
prion
prion
added 2007/06/22 6:30 p.m.30 views

Design/Logic Flaw

Multiple "pointer overwrite" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA formerly Computer Associates products, allow remote attackers to execute arbitrary code by sending certain TCP data at different times to the Ingres Communications Server...

10CVSS8.2AI score0.08958EPSS
Exploits8References14Affected Software1
nvd
nvd
added 2007/06/22 6:30 p.m.18 views

CVE-2007-3336

Multiple "pointer overwrite" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA formerly Computer Associates products, allow remote attackers to execute arbitrary code by sending certain TCP data at different times to the Ingres Communications Server...

10CVSS7.6AI score0.08958EPSS
Exploits8References14
cve
cve
added 2007/06/22 6:0 p.m.59 views

CVE-2007-3337

CVE-2007-3337 concerns the Ingres database server (2006 9.0.4 and earlier) used in multiple CA products. A local user can abuse the setuid root binary “wakeup” by creating a symbolic link to the file alarmwkp.def, causing the binary to truncate arbitrary files in the current directory. The issue ...

2.1CVSS6.1AI score0.00355EPSS
Exploits5References11Affected Software1
cvelist
cvelist
added 2007/06/22 6:0 p.m.37 views

CVE-2007-3338

Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA Computer Associates products, allow remote attackers to execute arbitrary code via the 1 uuidfromchar or 2 duvegetargs functions...

7.6AI score0.06673EPSS
Exploits8References14
cvelist
cvelist
added 2007/06/22 6:0 p.m.26 views

CVE-2007-3336

Multiple "pointer overwrite" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA formerly Computer Associates products, allow remote attackers to execute arbitrary code by sending certain TCP data at different times to the Ingres Communications Server...

7.6AI score0.08958EPSS
Exploits8References14
seebug
seebug
added 2007/06/22 12:0 a.m.51 views

Ingress数据库服务器多个堆溢出漏洞

Ingres是很多CA产品默认所使用的数据库后端。 CA产品所捆绑Ingres数据库服务器在处理请求数据时存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制服务器。 Ingres数据库服务器的通讯服务器(iigcc.exe)和数据访问服务器(iigcd.exe)组件没有正确验证用户所提供数据的长度便将数据拷贝到了固定大小的堆缓冲区。如果远程攻击者在10916(iigcc)或10923(iigcd)端口上建立的TCP会话的话,就可以向数据库服务器发送畸形请求触发漏洞,导致执行任意指令。 Computer Associates eTrust Secure Content Manager r8...

7.1AI score
Exploits0
nvd
nvd
added 2007/06/21 10:30 p.m.15 views

CVE-2007-3334

Multiple heap-based buffer overflows in the 1 Communications Server iigcc.exe and 2 Data Access Server iigcd.exe components for Ingres Database Server 3.0.3, as used in CA Computer Associates products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitra...

10CVSS7.6AI score0.10321EPSS
Exploits5References14
prion
prion
added 2007/06/21 10:30 p.m.21 views

Heap overflow

Multiple heap-based buffer overflows in the 1 Communications Server iigcc.exe and 2 Data Access Server iigcd.exe components for Ingres Database Server 3.0.3, as used in CA Computer Associates products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitra...

10CVSS8.3AI score0.10321EPSS
Exploits5References14Affected Software2
cvelist
cvelist
added 2007/06/21 10:0 p.m.44 views

CVE-2007-3334

Multiple heap-based buffer overflows in the 1 Communications Server iigcc.exe and 2 Data Access Server iigcd.exe components for Ingres Database Server 3.0.3, as used in CA Computer Associates products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitra...

7.6AI score0.10321EPSS
Exploits5References14
cve
cve
added 2007/06/21 10:0 p.m.66 views

CVE-2007-3334

CVE-2007-3334 affects Ingres Database (3.0.3) components used in CA products (eTrust Secure Content Manager on Windows). A remote, unauthenticated attacker can exploit heap-based buffer overflows in the Communications Server (iigcc.exe) and Data Access Server (iigcd.exe) by sending specially craf...

10CVSS7.5AI score0.10321EPSS
Exploits5References14Affected Software2
Rows per page
Query Builder