2885 matches found
CVE-2007-3336
Multiple "pointer overwrite" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA formerly Computer Associates products, allow remote attackers to execute arbitrary code by sending certain TCP data at different times to the Ingres Communications Server...
CVE-2007-3338
Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA Computer Associates products, allow remote attackers to execute arbitrary code via the 1 uuidfromchar or 2 duvegetargs functions...
CVE-2007-3336
CVE-2007-3336 affects Ingres database server (Ingres 2006 9.0.4 and earlier). The vulnerability is a set of remote, pre-authentication pointer-overwrite issues in the Ingres Communications Server Process (iigcc). When a client sends specific TCP data at specific timings to iigcc, the attacker-con...
[Full-disclosure] [CAID 35450, 35451, 35452, 35453]: CA Products That Embed Ingres Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: CAID 35450, 35451, 35452, 35453: CA Products That Embed Ingres Multiple Vulnerabilities CA Vuln ID CAID: 35450, 35451, 35452, 35453 CA Advisory Date: 2007-06-21 Reported By: NGSSoftware, and iDefense Impact: Attackers can potentially execute...
Ingress数据库服务器多个堆溢出漏洞
Ingres是很多CA产品默认所使用的数据库后端。 CA产品所捆绑Ingres数据库服务器在处理请求数据时存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制服务器。 Ingres数据库服务器的通讯服务器(iigcc.exe)和数据访问服务器(iigcd.exe)组件没有正确验证用户所提供数据的长度便将数据拷贝到了固定大小的堆缓冲区。如果远程攻击者在10916(iigcc)或10923(iigcd)端口上建立的TCP会话的话,就可以向数据库服务器发送畸形请求触发漏洞,导致执行任意指令。 Computer Associates eTrust Secure Content Manager r8...
CVE-2007-3334
Multiple heap-based buffer overflows in the 1 Communications Server iigcc.exe and 2 Data Access Server iigcd.exe components for Ingres Database Server 3.0.3, as used in CA Computer Associates products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitra...
Heap overflow
Multiple heap-based buffer overflows in the 1 Communications Server iigcc.exe and 2 Data Access Server iigcd.exe components for Ingres Database Server 3.0.3, as used in CA Computer Associates products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitra...
CVE-2007-3334
CVE-2007-3334 affects Ingres Database (3.0.3) components used in CA products (eTrust Secure Content Manager on Windows). A remote, unauthenticated attacker can exploit heap-based buffer overflows in the Communications Server (iigcc.exe) and Data Access Server (iigcd.exe) by sending specially craf...
CVE-2007-3334
Multiple heap-based buffer overflows in the 1 Communications Server iigcc.exe and 2 Data Access Server iigcd.exe components for Ingres Database Server 3.0.3, as used in CA Computer Associates products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitra...
Ingress Database Server 2.6 - Multiple Remote Vulnerabilities
Ingress Database Server 2.6 - Multiple Remote Vulnerabilities source: https://www.securityfocus.com/bid/24585/info Ingress Database Server included in CA eTrust Secure Content Manager is prone to multiple remote vulnerabilities, including multiple stack- and heap-based buffer-overflow issues,...
Ingress Database Server 2.6 - Multiple Remote Vulnerabilities
source: https://www.securityfocus.com/bid/24585/info Ingress Database Server included in CA eTrust Secure Content Manager is prone to multiple remote vulnerabilities, including multiple stack- and heap-based buffer-overflow issues, multiple pointer-overwrite issues, and an arbitrary-file-overwrit...
Firebird DataBase Server fbserver.exe p_cnct_count Value Remote Overflow
The version of Firebird installed on the remote host is vulnerable to a buffer overflow in its protocol handling routine. By sending a specially crafted 'opconnect' request, a remote, unauthenticated attacker can execute code on the affected host with SYSTEM privileges. %NASLMINLEVEL 70300 C...
Firebird SQL Fbserver 2.0 - Remote Buffer Overflow
Firebird SQL Fbserver 2.0 - Remote Buffer Overflow source: https://www.securityfocus.com/bid/24436/info Firebird SQL is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary machine code in the context of the affected database server. Failed...
Firebird SQL Fbserver 2.0 - Remote Buffer Overflow
source: https://www.securityfocus.com/bid/24436/info Firebird SQL is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary machine code in the context of the affected database server. Failed exploit attempts will likely crash the server, denying...
MySQl database server DoS
Division by zero and NULL-pointer dereference on malcrafted IF condition...
CVE-2007-2130
Unspecified vulnerability in Workflow Cartridge, as used in Oracle Database Server 9.2.0.1, 10.1.0.2, and 10.2.0.1; Application Server 9.0.4.3 and 10.1.2.0.2; Collaboration Suite 10.1.2; and E-Business Suite; has unknown impact and remote authenticated attack vectors, aka OWF01...
Code injection
Unspecified vulnerability in Workflow Cartridge, as used in Oracle Database Server 9.2.0.1, 10.1.0.2, and 10.2.0.1; Application Server 9.0.4.3 and 10.1.2.0.2; Collaboration Suite 10.1.2; and E-Business Suite; has unknown impact and remote authenticated attack vectors, aka OWF01...
CVE-2007-2119
CVE-2007-2119 is an XSS vulnerability in the Administration Front End for Oracle Enterprise (Ultra) Search. The issue affects boundary_rules.jsp and allows remote attackers to inject arbitrary HTML or script via the EXPTYPE parameter. Affected components include the Oracle Database Server variant...
CVE-2007-2079
The ADONewConnection Connect function in adodb.php in XAMPP 1.6.0a and earlier for Windows uses untrusted input for the database server hostname, which allows remote attackers to trigger a library buffer overflow and execute arbitrary code via a long host parameter, or have other unspecified...
Buffer overflow
The ADONewConnection Connect function in adodb.php in XAMPP 1.6.0a and earlier for Windows uses untrusted input for the database server hostname, which allows remote attackers to trigger a library buffer overflow and execute arbitrary code via a long host parameter, or have other unspecified...