Director
by IBM
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-0880 | 0.06 | — | 0.32 | Mar 12, 2009 | Directory traversal vulnerability in the CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to load and execute arbitrary local DLL code via a .. (dot dot) in a /CIMListener/ URI in an M-POST request. | |||
| CVE-2009-0879 | 0.04 | — | 0.08 | Mar 12, 2009 | The CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to cause a denial of service (daemon crash) via a long consumer name, as demonstrated by an M-POST request to a long /CIMListener/ URI. | |||
| CVE-2006-4681 | 0.03 | — | 0.04 | Sep 11, 2006 | Directory traversal vulnerability in Redirect.bat in IBM Director before 5.10 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the file parameter. | |||
| CVE-2015-1992 | 0.00 | — | 0.00 | Aug 23, 2015 | IBM Systems Director 5.2.x, 6.1.x, 6.2.0.x, 6.2.1.x, 6.3.0.0, 6.3.1.x, 6.3.2.x, 6.3.3.x, 6.3.5.0, and 6.3.6.0 improperly processes events, which allows local users to gain privileges via unspecified vectors. | |||
| CVE-2014-3099 | 0.00 | — | 0.00 | Dec 6, 2014 | Unspecified vulnerability in the Security component in IBM Systems Director 6.3.0 through 6.3.5 allows local users to obtain sensitive information via unknown vectors. | |||
| CVE-2011-2163 | 0.00 | — | 0.02 | May 20, 2011 | Unspecified vulnerability in Virtualization Manager 1.2.2 in IBM Systems Director 1.2.2 has unknown impact and attack vectors. | |||
| CVE-2007-5612 | 0.00 | — | 0.02 | Nov 21, 2007 | CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (CPU consumption, connection slot exhaustion, and daemon crash) via a large number of idle connections. | |||
| CVE-2006-4683 | 0.00 | — | 0.01 | Sep 11, 2006 | IBM Director before 5.10 allows remote attackers to obtain sensitive information from HTTP headers via HTTP TRACE. | |||
| CVE-2006-4682 | 0.00 | — | 0.02 | Sep 11, 2006 | Multiple unspecified vulnerabilities in IBM Director before 5.10 allow remote attackers to cause a denial of service (crash) via unspecified vectors involving (1) malformed WMI CIM server requests and (2) malformed packets. |
- CVE-2009-0880Mar 12, 2009risk 0.06cvss —epss 0.32
Directory traversal vulnerability in the CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to load and execute arbitrary local DLL code via a .. (dot dot) in a /CIMListener/ URI in an M-POST request.
- CVE-2009-0879Mar 12, 2009risk 0.04cvss —epss 0.08
The CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to cause a denial of service (daemon crash) via a long consumer name, as demonstrated by an M-POST request to a long /CIMListener/ URI.
- CVE-2006-4681Sep 11, 2006risk 0.03cvss —epss 0.04
Directory traversal vulnerability in Redirect.bat in IBM Director before 5.10 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the file parameter.
- CVE-2015-1992Aug 23, 2015risk 0.00cvss —epss 0.00
IBM Systems Director 5.2.x, 6.1.x, 6.2.0.x, 6.2.1.x, 6.3.0.0, 6.3.1.x, 6.3.2.x, 6.3.3.x, 6.3.5.0, and 6.3.6.0 improperly processes events, which allows local users to gain privileges via unspecified vectors.
- CVE-2014-3099Dec 6, 2014risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Security component in IBM Systems Director 6.3.0 through 6.3.5 allows local users to obtain sensitive information via unknown vectors.
- CVE-2011-2163May 20, 2011risk 0.00cvss —epss 0.02
Unspecified vulnerability in Virtualization Manager 1.2.2 in IBM Systems Director 1.2.2 has unknown impact and attack vectors.
- CVE-2007-5612Nov 21, 2007risk 0.00cvss —epss 0.02
CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (CPU consumption, connection slot exhaustion, and daemon crash) via a large number of idle connections.
- CVE-2006-4683Sep 11, 2006risk 0.00cvss —epss 0.01
IBM Director before 5.10 allows remote attackers to obtain sensitive information from HTTP headers via HTTP TRACE.
- CVE-2006-4682Sep 11, 2006risk 0.00cvss —epss 0.02
Multiple unspecified vulnerabilities in IBM Director before 5.10 allow remote attackers to cause a denial of service (crash) via unspecified vectors involving (1) malformed WMI CIM server requests and (2) malformed packets.