- Description
- Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allow remote attackers to execute arbitrary code via the (1) uuid_from_char or (2) duve_get_args functions.
- Source
- cve@mitre.org
- NVD status
- Deferred
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
- nvd@nist.gov
- CWE-119
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ingres:database_server:2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D23E67C-E964-4571-B6FA-DCC910FD2A7C"
},
{
"criteria": "cpe:2.3:a:ingres:database_server:2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0D77591-A8B7-4BAE-9761-CEB5A739A9E1"
},
{
"criteria": "cpe:2.3:a:ingres:database_server:9.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFE10403-BEB4-4A63-BC0D-CC5803584F5E"
},
{
"criteria": "cpe:2.3:a:ingres:database_server:r3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "01A77427-8C8D-4ABD-8502-F40D704B5F8A"
}
],
"operator": "OR"
}
]
}
]