CVE-2007-3338
Published Jun 22, 2007
Last updated 6 years ago
Overview
- Description
- Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allow remote attackers to execute arbitrary code via the (1) uuid_from_char or (2) duve_get_args functions.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ingres:database_server:2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D23E67C-E964-4571-B6FA-DCC910FD2A7C"
},
{
"criteria": "cpe:2.3:a:ingres:database_server:2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0D77591-A8B7-4BAE-9761-CEB5A739A9E1"
},
{
"criteria": "cpe:2.3:a:ingres:database_server:9.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFE10403-BEB4-4A63-BC0D-CC5803584F5E"
},
{
"criteria": "cpe:2.3:a:ingres:database_server:r3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "01A77427-8C8D-4ABD-8502-F40D704B5F8A"
}
],
"operator": "OR"
}
]
}
]