Vulnerability in Ingres Database_server

CVE-2007-3337

wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allows local users to truncate arbitrary files via a symlink attack on the alarmwkp.def file.

EPSS: 0.004 (27.4th percentile) — read the EPSS interpretation.

Affected products

References