CVE-2007-3338
Severity
10.0CRITICAL
EPSS
20.6%
top 4.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 22
Latest updateMay 1
Description
Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allow remote attackers to execute arbitrary code via the (1) uuid_from_char or (2) duve_get_args functions.
CVSS vector
AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0