CVE-2007-3696 Information

Description

CA ERwin Data Model Validator (formerly AllFusion Data Model Validator) allows remote attackers to (1) cause a denial of service (application hang) via a malformed .EXP database file and (2) cause a denial of service (aaplication crash) via a crafted .EXP database file which triggers a NULL dereference.

Reference

http://osvdb.org/39596 http://www.eleytt.com/advisories/eleytt_ALLFUSIONDATAMODEL.pdf http://www.securityfocus.com/bid/24814