CVE-2007-3336

NONECVSS 0.0

0.0

Multiple "pointer overwrite" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (formerly Computer Associates) products, allow remote attackers to execute arbitrary code by sending certain TCP data at different times to the Ingres Communications Server Process (iigcc), which calls the (1) QUinsert or (2) QUremove functions with attacker-controlled input.

🔗 References (28)

cve@mitrehttp://archives.neohapsis.com/archives/bugtraq/2007-06/0302.html
cve@mitrehttp://osvdb.org/37486
cve@mitrehttp://secunia.com/advisories/25756
cve@mitrehttp://secunia.com/advisories/25775
cve@mitrehttp://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp
cve@mitrehttp://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778
cve@mitrehttp://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-ingres-pointer-overwrite-1/
cve@mitrehttp://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-ingres-pointer-overwrite-2/
cve@mitrehttp://www.securityfocus.com/archive/1/472193/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/24585
cve@mitrehttp://www.vupen.com/english/advisories/2007/2288
cve@mitrehttp://www.vupen.com/english/advisories/2007/2290
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/34993
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/35000
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/bugtraq/2007-06/0302.html

Is Your Infrastructure Affected by CVE-2007-3336?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-3336

📅 Published

🔄 Last Modified

🔗 References (28)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-3336?