CVE-2007-6334

Published: Dec 20, 2007Modified: Apr 23, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and possibly other products, assigns the privileges and identity of users to be the same as the first user, which allows remote attackers to gain privileges.

Affected (2)

Products: Ingres: Ingres

Ingres

1 product

Ingres

Configuration A

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ingres Ingres	Version 2.5
Ingres Ingres	Version 2.6

Running on/with	Platform Versions
Microsoft Windows Nt	All versions

Related CWEs

CWE-264

References (20)

http://secunia.com/advisories/28183

Source: cve@mitre.org

PatchVendor Advisory

http://secunia.com/advisories/28187

Source: cve@mitre.org

PatchVendor Advisory

http://supportconnectw.ca.com/public/ingres/infodocs/ingresmswin-secnot.asp

Source: cve@mitre.org

http://www.ingres.com/support/security-alertDec17.php

Source: cve@mitre.org

http://www.osvdb.org/39358

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/485448/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/26959

Source: cve@mitre.org

Patch

http://www.securitytracker.com/id?1019134

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/4303

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/4304

Source: cve@mitre.org

http://secunia.com/advisories/28183