Vulnerabilities > CVE-2007-3696 - Unspecified vulnerability in Broadcom Erwin Data Model Validator

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

broadcom

NVD

Published: 2007-07-11

Updated: 2021-04-09

Summary

CA ERwin Data Model Validator (formerly AllFusion Data Model Validator) allows remote attackers to (1) cause a denial of service (application hang) via a malformed .EXP database file and (2) cause a denial of service (aaplication crash) via a crafted .EXP database file, which triggers a NULL dereference.

Vulnerable Configurations

Part	Description	Count
Application	Broadcom Broadcom Erwin Data Model Validator *	1

References

http://osvdb.org/39596
http://www.eleytt.com/advisories/eleytt_ALLFUSIONDATAMODEL.pdf
http://www.securityfocus.com/bid/24814