CVE-2007-3338 Information
Description
Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4 r3 2.6 and 2.5 as used in multiple CA (Computer Associates) products allow remote attackers to execute arbitrary code via the (1) uuid_from_char or (2) duve_get_args functions.
Reference
http://osvdb.org/37483 http://secunia.com/advisories/25756 http://secunia.com/advisories/25775 http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778 http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-ingres-stack-overflow/ http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-ingres-stack-overflow/ http://www.securityfocus.com/archive/1/472194/100/0/threaded http://www.securityfocus.com/archive/1/472197/100/0/threaded http://www.securityfocus.com/bid/24585 http://www.vupen.com/english/advisories/2007/2288 http://www.vupen.com/english/advisories/2007/2290 https://exchange.xforce.ibmcloud.com/vulnerabilities/34995 https://exchange.xforce.ibmcloud.com/vulnerabilities/34998
Share on: