CVE-2007-6334

{"id": "CVE-2007-6334", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-12-20T23:46:00.000", "references": [{"url": "http://secunia.com/advisories/28183", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28187", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://supportconnectw.ca.com/public/ingres/infodocs/ingresmswin-secnot.asp", "source": "cve@mitre.org"}, {"url": "http://www.ingres.com/support/security-alertDec17.php", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/39358", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/485448/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/26959", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1019134", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/4303", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/4304", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28183", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/28187", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://supportconnectw.ca.com/public/ingres/infodocs/ingresmswin-secnot.asp", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ingres.com/support/security-alertDec17.php", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/39358", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/485448/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/26959", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1019134", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/4303", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/4304", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and possibly other products, assigns the privileges and identity of users to be the same as the first user, which allows remote attackers to gain privileges."}, {"lang": "es", "value": "Ingres 2.5 y 2.6 para Windows, usados en m\u00faltiples productos CA y posiblemente otros, asigna los privilegios y la identidad de los usuarios para que sean la misma que el primer usuario, lo cual permite a atacantes remotos obtener privilegios."}], "lastModified": "2024-11-21T00:39:53.880", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "ED27882B-A02A-4D5F-9117-A47976C676E0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ingres:ingres:2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43A75B42-4739-4E98-A6B9-704B51BD59EC"}, {"criteria": "cpe:2.3:a:ingres:ingres:2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCE11A92-56B9-43A2-9E3D-D511AE713F45"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}