Vulnerability Description
Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and possibly other products, assigns the privileges and identity of users to be the same as the first user, which allows remote attackers to gain privileges.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows Nt | All versions |
| Ingres | Ingres | 2.5 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/28183PatchVendor Advisory
- http://secunia.com/advisories/28187PatchVendor Advisory
- http://supportconnectw.ca.com/public/ingres/infodocs/ingresmswin-secnot.asp
- http://www.ingres.com/support/security-alertDec17.php
- http://www.osvdb.org/39358
- http://www.securityfocus.com/archive/1/485448/100/0/threaded
- http://www.securityfocus.com/bid/26959Patch
- http://www.securitytracker.com/id?1019134
- http://www.vupen.com/english/advisories/2007/4303
- http://www.vupen.com/english/advisories/2007/4304
- http://secunia.com/advisories/28183PatchVendor Advisory
- http://secunia.com/advisories/28187PatchVendor Advisory
- http://supportconnectw.ca.com/public/ingres/infodocs/ingresmswin-secnot.asp
- http://www.ingres.com/support/security-alertDec17.php
- http://www.osvdb.org/39358
FAQ
What is CVE-2007-6334?
CVE-2007-6334 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and possibly other products, assigns the privileges and identity of users to be the same as the first user, which allows remote attackers...
How severe is CVE-2007-6334?
CVE-2007-6334 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-6334?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows Nt, Ingres Ingres.