CVE-2007-3334 (GCVE-0-2007-3334)
Vulnerability from cvelistv5
Published
2007-06-21 22:00
Modified
2024-08-07 14:14
Severity ?
CWE
  • n/a
Summary
Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors.
References
cve@mitre.org http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546 Patch
cve@mitre.org http://osvdb.org/37487
cve@mitre.org http://osvdb.org/37488
cve@mitre.org http://secunia.com/advisories/25756
cve@mitre.org http://secunia.com/advisories/25775
cve@mitre.org http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp
cve@mitre.org http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778
cve@mitre.org http://www.securityfocus.com/bid/24585
cve@mitre.org http://www.securitytracker.com/id?1018278
cve@mitre.org http://www.vupen.com/english/advisories/2007/2288
cve@mitre.org http://www.vupen.com/english/advisories/2007/2290
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/34991
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/34992
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/35002
af854a3a-2127-422b-91ae-364da2661108 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546 Patch
af854a3a-2127-422b-91ae-364da2661108 http://osvdb.org/37487
af854a3a-2127-422b-91ae-364da2661108 http://osvdb.org/37488
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/25756
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/25775
af854a3a-2127-422b-91ae-364da2661108 http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp
af854a3a-2127-422b-91ae-364da2661108 http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/24585
af854a3a-2127-422b-91ae-364da2661108 http://www.securitytracker.com/id?1018278
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2007/2288
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2007/2290
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/34991
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/34992
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/35002
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:14:12.912Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2007-2288",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2288"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
          },
          {
            "name": "20070621 Ingres Database Multiple Heap Corruption Vulnerabilities",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"
          },
          {
            "name": "ingres-wakeup-privilege-escalation(35002)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"
          },
          {
            "name": "25756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25756"
          },
          {
            "name": "25775",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25775"
          },
          {
            "name": "37488",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/37488"
          },
          {
            "name": "ADV-2007-2290",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2290"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
          },
          {
            "name": "ingres-communications-server-bo(34991)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"
          },
          {
            "name": "37487",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/37487"
          },
          {
            "name": "1018278",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018278"
          },
          {
            "name": "ingres-data-access-server-bo(34992)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"
          },
          {
            "name": "24585",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24585"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-06-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2007-2288",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2288"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
        },
        {
          "name": "20070621 Ingres Database Multiple Heap Corruption Vulnerabilities",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"
        },
        {
          "name": "ingres-wakeup-privilege-escalation(35002)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"
        },
        {
          "name": "25756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25756"
        },
        {
          "name": "25775",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25775"
        },
        {
          "name": "37488",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/37488"
        },
        {
          "name": "ADV-2007-2290",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2290"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
        },
        {
          "name": "ingres-communications-server-bo(34991)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"
        },
        {
          "name": "37487",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/37487"
        },
        {
          "name": "1018278",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018278"
        },
        {
          "name": "ingres-data-access-server-bo(34992)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"
        },
        {
          "name": "24585",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24585"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3334",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2007-2288",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2288"
            },
            {
              "name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778",
              "refsource": "CONFIRM",
              "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
            },
            {
              "name": "20070621 Ingres Database Multiple Heap Corruption Vulnerabilities",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"
            },
            {
              "name": "ingres-wakeup-privilege-escalation(35002)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"
            },
            {
              "name": "25756",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25756"
            },
            {
              "name": "25775",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25775"
            },
            {
              "name": "37488",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/37488"
            },
            {
              "name": "ADV-2007-2290",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2290"
            },
            {
              "name": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp",
              "refsource": "CONFIRM",
              "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
            },
            {
              "name": "ingres-communications-server-bo(34991)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"
            },
            {
              "name": "37487",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/37487"
            },
            {
              "name": "1018278",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018278"
            },
            {
              "name": "ingres-data-access-server-bo(34992)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"
            },
            {
              "name": "24585",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24585"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3334",
    "datePublished": "2007-06-21T22:00:00",
    "dateReserved": "2007-06-21T00:00:00",
    "dateUpdated": "2024-08-07T14:14:12.912Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-3334\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-06-21T22:30:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples desbordamientos de b\u00fafer basados en mont\u00edculo en los componentes (1) Communications Server (iigcc.exe) y (2) Data Access Server (iigcd.exe) para el Ingres Database Server 3.0.3, como el utilizado en los productos del CA (Computer Associates) incluyendo el eTrust Secure Content Manager r8 bajo Windows, permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores sin especificar.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AB4B29F-4C60-48A0-8F58-BCBDC58B697E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DB54A16-5E56-46FC-A49C-56C98C0B8F1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ingres:database_server:3.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B836C674-BF4F-4D60-AA33-D778B712D3A3\"}]}]}],\"references\":[{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://osvdb.org/37487\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/37488\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/25756\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/25775\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/24585\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1018278\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2288\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2290\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/34991\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/34992\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/35002\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://osvdb.org/37487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/37488\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/25756\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/25775\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/24585\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1018278\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2288\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2290\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/34991\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/34992\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/35002\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.