{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-12-20T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and possibly other products, assigns the privileges and identity of users to be the same as the first user, which allows remote attackers to gain privileges."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2007-4303", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/4303"}, {"name": "1019134", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1019134"}, {"name": "39358", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/39358"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ingres.com/support/security-alertDec17.php"}, {"name": "28187", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28187"}, {"name": "26959", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26959"}, {"name": "28183", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28183"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://supportconnectw.ca.com/public/ingres/infodocs/ingresmswin-secnot.asp"}, {"name": "ADV-2007-4304", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/4304"}, {"name": "20071221 [CAID 35970]: CA Products That Embed Ingres Authentication Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/485448/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-6334", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and possibly other products, assigns the privileges and identity of users to be the same as the first user, which allows remote attackers to gain privileges."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2007-4303", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/4303"}, {"name": "1019134", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1019134"}, {"name": "39358", "refsource": "OSVDB", "url": "http://www.osvdb.org/39358"}, {"name": "http://www.ingres.com/support/security-alertDec17.php", "refsource": "CONFIRM", "url": "http://www.ingres.com/support/security-alertDec17.php"}, {"name": "28187", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28187"}, {"name": "26959", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26959"}, {"name": "28183", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28183"}, {"name": "http://supportconnectw.ca.com/public/ingres/infodocs/ingresmswin-secnot.asp", "refsource": "CONFIRM", "url": "http://supportconnectw.ca.com/public/ingres/infodocs/ingresmswin-secnot.asp"}, {"name": "ADV-2007-4304", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/4304"}, {"name": "20071221 [CAID 35970]: CA Products That Embed Ingres Authentication Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/485448/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T16:02:36.365Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2007-4303", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/4303"}, {"name": "1019134", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1019134"}, {"name": "39358", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/39358"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ingres.com/support/security-alertDec17.php"}, {"name": "28187", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28187"}, {"name": "26959", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/26959"}, {"name": "28183", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28183"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://supportconnectw.ca.com/public/ingres/infodocs/ingresmswin-secnot.asp"}, {"name": "ADV-2007-4304", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/4304"}, {"name": "20071221 [CAID 35970]: CA Products That Embed Ingres Authentication Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/485448/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-6334", "datePublished": "2007-12-20T23:00:00.000Z", "dateReserved": "2007-12-13T00:00:00.000Z", "dateUpdated": "2024-08-07T16:02:36.365Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*", "matchCriteriaId": "ED27882B-A02A-4D5F-9117-A47976C676E0", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:ingres:ingres:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "43A75B42-4739-4E98-A6B9-704B51BD59EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ingres:ingres:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "DCE11A92-56B9-43A2-9E3D-D511AE713F45", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and possibly other products, assigns the privileges and identity of users to be the same as the first user, which allows remote attackers to gain privileges."}, {"lang": "es", "value": "Ingres 2.5 y 2.6 para Windows, usados en m\u00faltiples productos CA y posiblemente otros, asigna los privilegios y la identidad de los usuarios para que sean la misma que el primer usuario, lo cual permite a atacantes remotos obtener privilegios."}], "id": "CVE-2007-6334", "lastModified": "2026-04-23T00:35:47.467", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-12-20T23:46:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/28183"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/28187"}, {"source": "cve@mitre.org", "url": "http://supportconnectw.ca.com/public/ingres/infodocs/ingresmswin-secnot.asp"}, {"source": "cve@mitre.org", "url": "http://www.ingres.com/support/security-alertDec17.php"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/39358"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/485448/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/26959"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1019134"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/4303"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/4304"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/28183"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/28187"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://supportconnectw.ca.com/public/ingres/infodocs/ingresmswin-secnot.asp"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ingres.com/support/security-alertDec17.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/39358"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/485448/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/26959"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1019134"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/4303"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/4304"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}