CVE-2007-3334

CVE-2007-3334 affects Ingres Database (3.0.3) components used in CA products (eTrust Secure Content Manager on Windows). A remote, unauthenticated attacker can exploit heap-based buffer overflows in the Communications Server (iigcc.exe) and Data Access Server (iigcd.exe) by sending specially craf...

CVE-2007-3337

CVE-2007-3337 concerns the Ingres database server (2006 9.0.4 and earlier) used in multiple CA products. A local user can abuse the setuid root binary “wakeup” by creating a symbolic link to the file alarmwkp.def, causing the binary to truncate arbitrary files in the current directory. The issue ...

CVE-2007-3338

CVE-2007-3338 covers a stack-based buffer overflow in the Ingres Database Server (Ingres 2006 9.0.4 and prior) and in CA-eTrust/Unicenter integrations, enabling remote code execution via crafted input to the uuid_from_char function (and related duve_get_args handling). Affected products include I...

CVE-2007-3336

CVE-2007-3336 affects Ingres database server (Ingres 2006 9.0.4 and earlier). The vulnerability is a set of remote, pre-authentication pointer-overwrite issues in the Ingres Communications Server Process (iigcc). When a client sends specific TCP data at specific timings to iigcc, the attacker-con...