CVE-2007-3338

{"id": "CVE-2007-3338", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-06-22T18:30:00.000", "references": [{"url": "http://osvdb.org/37483", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25756", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25775", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778", "source": "cve@mitre.org"}, {"url": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-ingres-stack-overflow/", "source": "cve@mitre.org"}, {"url": "http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-ingres-stack-overflow/", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/472194/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/472197/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/24585", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/2288", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/2290", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34995", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34998", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/37483", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/25756", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/25775", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-ingres-stack-overflow/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-ingres-stack-overflow/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/472194/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/472197/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/24585", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/2288", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/2290", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34995", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34998", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allow remote attackers to execute arbitrary code via the (1) uuid_from_char or (2) duve_get_args functions."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en la regi\u00f3n stack de la memoria en Ingres database server 2006 versiones 9.0.4, r3, 2.6 y 2.5, tal como se usa en varios productos de CA (Computer Associates), permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de las funciones (1) uuid_from_char o (2) duve_get_args."}], "lastModified": "2024-11-21T00:32:59.437", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ingres:database_server:2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D23E67C-E964-4571-B6FA-DCC910FD2A7C"}, {"criteria": "cpe:2.3:a:ingres:database_server:2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0D77591-A8B7-4BAE-9761-CEB5A739A9E1"}, {"criteria": "cpe:2.3:a:ingres:database_server:9.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFE10403-BEB4-4A63-BC0D-CC5803584F5E"}, {"criteria": "cpe:2.3:a:ingres:database_server:r3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01A77427-8C8D-4ABD-8502-F40D704B5F8A"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}