{"api_version":"1","generated_at":"2026-04-23T04:08:51+00:00","cve":"CVE-2007-3334","urls":{"html":"https://cve.report/CVE-2007-3334","api":"https://cve.report/api/cve/CVE-2007-3334.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-3334","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-3334"},"summary":{"title":"CVE-2007-3334","description":"Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors.","state":"PUBLISHED","assigner":"mitre","published_at":"2007-06-21 22:30:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"10","severity":"","vector":"AV:N/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://osvdb.org/37488","name":"http://osvdb.org/37488","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://www.securitytracker.com/id?1018278","name":"http://www.securitytracker.com/id?1018278","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Ingres Database Heap Overflows Let Remote Users Execute Arbitrary Code - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546","name":"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://secunia.com/advisories/25775","name":"http://secunia.com/advisories/25775","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"CA Products Ingres Database Vulnerabilities - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2007/2288","name":"http://www.vupen.com/english/advisories/2007/2288","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/25756","name":"http://secunia.com/advisories/25756","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Ingres Database Multiple Vulnerabilities - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp","name":"http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/35002","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/35002","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/37487","name":"http://osvdb.org/37487","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://www.securityfocus.com/bid/24585","name":"http://www.securityfocus.com/bid/24585","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Ingress Database Server Multiple Remote Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778","name":"http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"CA Products That Embed Ingres Multiple Vulnerabilities - CA","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34991","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34991","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34992","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34992","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2007/2290","name":"http://www.vupen.com/english/advisories/2007/2290","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-3334","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-3334","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"3334","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ca","cpe5":"etrust_secure_content_manager","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"3334","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ingres","cpe5":"database_server","cpe6":"3.0.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"3334","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"all_windows","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T14:14:12.912Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"ADV-2007-2288","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/2288"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"},{"name":"20070621 Ingres Database Multiple Heap Corruption Vulnerabilities","tags":["third-party-advisory","x_refsource_IDEFENSE","x_transferred"],"url":"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"},{"name":"ingres-wakeup-privilege-escalation(35002)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"},{"name":"25756","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/25756"},{"name":"25775","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/25775"},{"name":"37488","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/37488"},{"name":"ADV-2007-2290","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/2290"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"},{"name":"ingres-communications-server-bo(34991)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"},{"name":"37487","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/37487"},{"name":"1018278","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1018278"},{"name":"ingres-data-access-server-bo(34992)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"},{"name":"24585","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/24585"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-06-21T00:00:00.000Z","descriptions":[{"lang":"en","value":"Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-28T12:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"ADV-2007-2288","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/2288"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"},{"name":"20070621 Ingres Database Multiple Heap Corruption Vulnerabilities","tags":["third-party-advisory","x_refsource_IDEFENSE"],"url":"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"},{"name":"ingres-wakeup-privilege-escalation(35002)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"},{"name":"25756","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/25756"},{"name":"25775","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/25775"},{"name":"37488","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/37488"},{"name":"ADV-2007-2290","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/2290"},{"tags":["x_refsource_CONFIRM"],"url":"http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"},{"name":"ingres-communications-server-bo(34991)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"},{"name":"37487","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/37487"},{"name":"1018278","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1018278"},{"name":"ingres-data-access-server-bo(34992)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"},{"name":"24585","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/24585"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-3334","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"ADV-2007-2288","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/2288"},{"name":"http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778","refsource":"CONFIRM","url":"http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"},{"name":"20070621 Ingres Database Multiple Heap Corruption Vulnerabilities","refsource":"IDEFENSE","url":"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"},{"name":"ingres-wakeup-privilege-escalation(35002)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"},{"name":"25756","refsource":"SECUNIA","url":"http://secunia.com/advisories/25756"},{"name":"25775","refsource":"SECUNIA","url":"http://secunia.com/advisories/25775"},{"name":"37488","refsource":"OSVDB","url":"http://osvdb.org/37488"},{"name":"ADV-2007-2290","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/2290"},{"name":"http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp","refsource":"CONFIRM","url":"http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"},{"name":"ingres-communications-server-bo(34991)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"},{"name":"37487","refsource":"OSVDB","url":"http://osvdb.org/37487"},{"name":"1018278","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1018278"},{"name":"ingres-data-access-server-bo(34992)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"},{"name":"24585","refsource":"BID","url":"http://www.securityfocus.com/bid/24585"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2007-3334","datePublished":"2007-06-21T22:00:00.000Z","dateReserved":"2007-06-21T00:00:00.000Z","dateUpdated":"2024-08-07T14:14:12.912Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2007-06-21 22:30:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*","matchCriteriaId":"3AB4B29F-4C60-48A0-8F58-BCBDC58B697E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*","matchCriteriaId":"5DB54A16-5E56-46FC-A49C-56C98C0B8F1A"},{"vulnerable":true,"criteria":"cpe:2.3:a:ingres:database_server:3.0.3:*:*:*:*:*:*:*","matchCriteriaId":"B836C674-BF4F-4D60-AA33-D778B712D3A3"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"3334","Ordinal":"1","Title":"CVE-2007-3334","CVE":"CVE-2007-3334","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"3334","Ordinal":"1","NoteData":"Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors.","Type":"Description","Title":"CVE-2007-3334"},{"CveYear":"2007","CveId":"3334","Ordinal":"2","NoteData":"2007-06-21","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"3334","Ordinal":"3","NoteData":"2017-07-28","Type":"Other","Title":"Modified"}]}}}