CyberSec.Space Logo
Back to CVE Browser

CVE-2007-3338

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1580%
EPSS Percentile44.67th
PublishedJun 22, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allow remote attackers to execute arbitrary code via the (1) uuid_from_char or (2) duve_get_args functions.

Affected Platforms (CPE)

πŸ“¦
Ingres

Database Server

= 2.5
πŸ“¦
Ingres

Database Server

= 2.6
πŸ“¦
Ingres

Database Server

= 9.0.4
πŸ“¦
Ingres

Database Server

= r3

References & Advisories

πŸ”— http://osvdb.org/37483
πŸ”— http://secunia.com/advisories/25756
πŸ”— http://secunia.com/advisories/25775
πŸ”— http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp
πŸ”— http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778
πŸ”— http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-ingres-stack-overflow/
πŸ”— http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-ingres-stack-overflow/
πŸ”— http://www.securityfocus.com/archive/1/472194/100/0/threaded

Related Vulnerabilities

CVE-2020-2949310.0

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. A remote unauthentic...

CVE-2020-677910.0

Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 a...

CVE-2017-234310.0

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to ...

CVE-1999-000310.0

Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).