Ingres 2006 9.0.4

CPE Details

Ingres 2006 9.0.4
ingres
ingres
2006
2017-12-12
13h53 +00:00
2021-06-10
13h54 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:ingres:ingres:2006:9.0.4:*:*:*:*:*:*

Informations

Vendor

ingres

Product

ingres

Version

2006

Update

9.0.4

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2008-3356 2008-08-05 17h20 +00:00 verifydb in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and other Unix platforms sets the ownership or permissions of an iivdb.log file without verifying that it is the application's own log file, which allows local users to overwrite arbitrary files by creating a symlink with an iivdb.log filename.
4.6
CVE-2008-3389 2008-08-05 17h20 +00:00 Stack-based buffer overflow in the libbecompat library in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4), and Ingres 2006 release 2 (aka 9.1.0) on Linux and HP-UX allows local users to gain privileges by setting a long value of an environment variable before running (1) verifydb, (2) iimerge, or (3) csreport.
4.6