CVE-2007-3334
published 2007-06-21

Priority: P353 · critical · 10 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 10.32% (95.1th percentile)

Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors.

Affected

2 ranges
Vendor | Product | Version range | Fixed in
ca | etrust_secure_content_manager | |
ingres | database_server | |

Detection & IOCs (extracted from sources)

process: iigcc.exe
process: iigcd.exe
filename: alarkp.def
  • Detect unexpected truncation or modification of the file 'alarkp.def' on disk, which is a known artifact of exploitation of these Ingres vulnerabilities.
  • Exploitation targets Windows systems running CA eTrust Secure Content Manager r8 with Ingres Database Server; monitor for SYSTEM-level process spawning from iigcc.exe or iigcd.exe parent processes.
  • The exploit covers multiple CVEs beyond CVE-2007-3334; the same payload script targets CVE-2007-3336, CVE-2007-3337, and CVE-2007-3338 as well, so detections may fire on related but distinct vulnerabilities.
  • The exact service port is not hardcoded in the exploit; it is supplied as a runtime argument, so no single fixed port can be used as a reliable detection filter.
  • The NVD advisory describes the attack vectors as 'unknown', limiting the ability to craft precise payload-content signatures beyond what the PoC demonstrates.