CVE-2007-3336
CA Advantage Ingres 2.6 - Multiple Buffer Overflow Vulnerabilities (PoC)
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Multiple "pointer overwrite" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (formerly Computer Associates) products, allow remote attackers to execute arbitrary code by sending certain TCP data at different times to the Ingres Communications Server Process (iigcc), which calls the (1) QUinsert or (2) QUremove functions with attacker-controlled input.
Múltiples vulnerabilidades "pointer overwrite" en Ingres database server 2006 versiones 9.0.4, r3, 2.6 y 2.5, tal como se usa en varios productos de CA (anteriormente Computer Associates), permiten a los atacantes remotos ejecutar código arbitrario mediante el envío de ciertos datos TCP en diferentes momentos hacia Ingres Communications Server Process (iigcc), que llama a las funciones (1) QUinsert o (2) QUremove con entrada controlada por el atacante.
Computer Associates Advantage Ingres version 2.6 suffers from multiple denial of service vulnerabilities.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-06-21 CVE Reserved
- 2007-06-22 CVE Published
- 2010-08-14 First Exploit
- 2024-08-07 CVE Updated
- 2024-09-25 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (15)
URL | Tag | Source |
---|---|---|
http://archives.neohapsis.com/archives/bugtraq/2007-06/0302.html | Mailing List | |
http://osvdb.org/37486 | Vdb Entry | |
http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778 | X_refsource_confirm | |
http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-ingres-pointer-overwrite-1 | X_refsource_misc | |
http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-ingres-pointer-overwrite-2 | X_refsource_misc | |
http://www.securityfocus.com/archive/1/472193/100/0/threaded | Mailing List | |
http://www.securityfocus.com/bid/24585 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/34993 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/35000 | Vdb Entry |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/14646 | 2010-08-14 |
URL | Date | SRC |
---|---|---|
http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp | 2018-10-16 |
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/25756 | 2018-10-16 | |
http://secunia.com/advisories/25775 | 2018-10-16 | |
http://www.vupen.com/english/advisories/2007/2288 | 2018-10-16 | |
http://www.vupen.com/english/advisories/2007/2290 | 2018-10-16 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Ingres Search vendor "Ingres" | Database Server Search vendor "Ingres" for product "Database Server" | 2.5 Search vendor "Ingres" for product "Database Server" and version "2.5" | - |
Affected
| ||||||
Ingres Search vendor "Ingres" | Database Server Search vendor "Ingres" for product "Database Server" | 2.6 Search vendor "Ingres" for product "Database Server" and version "2.6" | - |
Affected
| ||||||
Ingres Search vendor "Ingres" | Database Server Search vendor "Ingres" for product "Database Server" | 9.0.4 Search vendor "Ingres" for product "Database Server" and version "9.0.4" | - |
Affected
| ||||||
Ingres Search vendor "Ingres" | Database Server Search vendor "Ingres" for product "Database Server" | r3 Search vendor "Ingres" for product "Database Server" and version "r3" | - |
Affected
|