CVE-2007-3337

N/A Unknown

Published: June 22, 2007 Modified: April 23, 2026

Description

wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allows local users to truncate arbitrary files via a symlink attack on the alarmwkp.def file.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://osvdb.org/37485

Source: cve@mitre.org

http://secunia.com/advisories/25756

Source: cve@mitre.org

http://secunia.com/advisories/25775

Source: cve@mitre.org

http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp

Source: cve@mitre.org

Patch

http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778

Source: cve@mitre.org

http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35451

Source: cve@mitre.org

http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-ingres-file-truncation/

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/472200/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/24585

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/2288

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/2290

Source: cve@mitre.org

http://osvdb.org/37485