CVE-2007-3334: Buffer Overflow
First published: Thu Jun 21 2007(Updated: )
Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows | ||
| Broadcom Secure Content Manager | =8.0 | |
| Actian Ingres | =3.0.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546
- http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp
- http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778
- http://www.securityfocus.com/bid/24585
- http://www.securitytracker.com/id?1018278
- http://secunia.com/advisories/25775
- http://secunia.com/advisories/25756
- http://www.vupen.com/english/advisories/2007/2290
- http://www.vupen.com/english/advisories/2007/2288
- http://osvdb.org/37487
- http://osvdb.org/37488
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35002
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34992
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34991
Frequently Asked Questions
What is the severity of CVE-2007-3334?
CVE-2007-3334 is classified as a critical vulnerability due to its potential to allow remote code execution.
How do I fix CVE-2007-3334?
To mitigate CVE-2007-3334, you should apply the security patches provided by the vendor for Ingres Database Server 3.0.3.
Which products are affected by CVE-2007-3334?
CVE-2007-3334 affects the Ingres Database Server version 3.0.3 and specific CA products such as eTrust Secure Content Manager r8.
What are the consequences of exploiting CVE-2007-3334?
Exploiting CVE-2007-3334 may allow attackers to execute arbitrary code on the affected systems, leading to a complete system compromise.
Is CVE-2007-3334 a local or remote vulnerability?
CVE-2007-3334 is considered a remote vulnerability as it allows attackers to exploit it from a remote location.
- collector/nvd-historical
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/remedy
- agent/author
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microsoft
- canonical/microsoft windows
- vendor/ca
- canonical/broadcom secure content manager
- version/broadcom secure content manager/8.0
- vendor/ingres
- canonical/actian ingres
- version/actian ingres/3.0.3