APP: Ingres Database Communications Server Component Heap Buffer Overflow
A heap buffer overflow vulnerability exists in Ingres Database Communications Server. A successful attack can lead to arbitrary code execution.
Extended Description
Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors.
References
CVE: CVE-2007-3334
Short Name
APP:INGRES:DB-COMP-BO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Buffer CVE-2007-3334 Communications Component Database Heap Ingres Overflow Server
Release Date
06/12/2015
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
Port
TCP/21064
False Positive
Unknown
CVSS Score
10.0