CVE-2007-6334

Sažetak

Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and possibly other products, assigns the privileges and identity of users to be the same as the first user, which allows remote attackers to gain privileges.

Reference

http://secunia.com/advisories/28183
http://secunia.com/advisories/28187
http://supportconnectw.ca.com/public/ingres/infodocs/ingresmswin-secnot.asp
http://www.ingres.com/support/security-alertDec17.php
http://www.osvdb.org/39358
http://www.securityfocus.com/archive/1/485448/100/0/threaded
http://www.securityfocus.com/bid/26959
http://www.securitytracker.com/id?1019134
http://www.vupen.com/english/advisories/2007/4303
http://www.vupen.com/english/advisories/2007/4304

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

15-10-2018 - 21:52

Objavljeno

20-12-2007 - 23:46