CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
98.3%
Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | all_windows | * | cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:* |
ca | etrust_secure_content_manager | 8.0 | cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:* |
ingres | database_server | 3.0.3 | cpe:2.3:a:ingres:database_server:3.0.3:*:*:*:*:*:*:* |
labs.idefense.com/intelligence/vulnerabilities/display.php?id=546
osvdb.org/37487
osvdb.org/37488
secunia.com/advisories/25756
secunia.com/advisories/25775
supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp
www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778
www.securityfocus.com/bid/24585
www.securitytracker.com/id?1018278
www.vupen.com/english/advisories/2007/2288
www.vupen.com/english/advisories/2007/2290
exchange.xforce.ibmcloud.com/vulnerabilities/34991
exchange.xforce.ibmcloud.com/vulnerabilities/34992
exchange.xforce.ibmcloud.com/vulnerabilities/35002