Vendor CVEs
IBM
All CVEs
8,287 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-5924 | 0.00 | — | 0.01 | Nov 10, 2007 | Cross-site scripting (XSS) vulnerability in the Web Server (HTTP) task in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.2 FP2, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2007-5819 | 0.00 | — | 0.00 | Nov 5, 2007 | IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak permissions (unrestricted write) for the Central Admin Global download directory, which allows local users to place arbitrary files into a location used for updating CDP clients. | |||
| CVE-2007-5805 | 0.00 | — | 0.00 | Nov 5, 2007 | cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create an arbitrary file, and enable world writability of this file, via a symlink attack involving use of the file's name as the… | |||
| CVE-2007-5804 | 0.00 | — | 0.00 | Nov 5, 2007 | cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create or overwrite an arbitrary file, and enable world writability of this file, by using the file's name as the argument. | |||
| CVE-2007-4622 | 0.00 | — | 0.00 | Nov 5, 2007 | Integer underflow in the dns_name_fromtext function in (1) libdns_nonsecure.a and (2) libdns_secure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" (TSIG key) command line argument to dig. | |||
| CVE-2007-4217 | 0.00 | — | 0.00 | Nov 5, 2007 | Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long parameter to a macro, as demonstrated by executing a macro via the '$' command. | |||
| CVE-2007-4513 | 0.00 | — | 0.01 | Nov 5, 2007 | Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the (1) "-p" option to lqueryvg or (2) the "-V" option to lquerypv. | |||
| CVE-2007-4623 | 0.00 | — | 0.01 | Nov 5, 2007 | Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via a long parameter to the m command. | |||
| CVE-2007-4621 | 0.00 | — | 0.00 | Nov 5, 2007 | Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments. | |||
| CVE-2007-5799 | 0.00 | — | 0.01 | Nov 3, 2007 | Multiple cross-site request forgery (CSRF) vulnerabilities in uddigui/navigateTree.do in the UDDI user console in IBM WebSphere Application Server (WAS) before 6.1.0 Fix Pack 13 (6.1.0.13) allow remote attackers to perform some actions as WAS UDDI users via the (1) keyField, (2)… | |||
| CVE-2007-5798 | 0.00 | — | 0.01 | Nov 3, 2007 | Multiple cross-site scripting (XSS) vulnerabilities in uddigui/navigateTree.do in the UDDI user console in IBM WebSphere Application Server (WAS) before 6.1.0 Fix Pack 13 (6.1.0.13) allow remote attackers to inject arbitrary web script or HTML via the (1) keyField, (2)… | |||
| CVE-2007-4348 | 0.00 | — | 0.01 | Oct 30, 2007 | Cross-site scripting (XSS) vulnerability in the CAD service in IBM Tivoli Storage Manager (TSM) Client 5.3.5.3 and 5.4.1.2 for Windows allows remote attackers to inject arbitrary web script or HTML via HTTP requests to port 1581, which generate log entries in a dsmerror.log file… | |||
| CVE-2007-4222 | 0.00 | — | 0.04 | Oct 29, 2007 | Buffer overflow in the TagAttributeListCopy function in nnotes.dll in IBM Lotus Notes before 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML email, related to duplicate RTF conversion when the recipient operates on this email. | |||
| CVE-2007-3510 | 0.00 | — | 0.05 | Oct 29, 2007 | Buffer overflow in the IMAP service in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.3, allows remote authenticated users to execute arbitrary code via a long mailbox name. | |||
| CVE-2007-5701 | 0.00 | — | 0.00 | Oct 29, 2007 | Incomplete blacklist vulnerability in the Certificate Authority (CA) in IBM Lotus Domino before 7.0.3 allows local users, or attackers with physical access, to obtain sensitive information (passwords) when an administrator enters a "ca activate" or "ca unlock" command with any… | |||
| CVE-2007-5700 | 0.00 | — | 0.01 | Oct 29, 2007 | The Evaluate LotusScript method in IBM Lotus Domino before 7.0.3 uses an incorrect security context for @ formula commands in some circumstances, which might allow remote authenticated users to gain privileges and obtain sensitive information. | |||
| CVE-2007-5652 | 0.00 | — | 0.02 | Oct 23, 2007 | IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of this issue is too vague to… | |||
| CVE-2007-5559 | 0.00 | — | 0.05 | Oct 18, 2007 | Heap-based buffer overflow in the IBM ThinkVantage TPM Service allows remote attackers to execute arbitrary code via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known… | |||
| CVE-2007-5483 | 0.00 | — | 0.02 | Oct 16, 2007 | Unspecified vulnerability in the Administrative Scripting Tools (such as wsadmin or ANT) in IBM WebSphere Application Server 5.x and 6.0.x has unknown impact and attack vectors. | |||
| CVE-2007-5090 | 0.00 | — | 0.02 | Sep 26, 2007 | Unspecified vulnerability in IBM Rational ClearQuest (CQ), when a Microsoft SQL Server or an IBM DB2 database is used, allows attackers to corrupt data via unspecified vectors. | |||
| CVE-2007-5022 | 0.00 | — | 0.02 | Sep 21, 2007 | Unspecified vulnerability in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5.1.8.1, 5.2 before 5.2.5.2, 5.3 before 5.3.5.3, and 5.4 before 5.4.1.2, when using "server-initiated prompted scheduling," allows remote attackers to read a client's data, aka IC53616. | |||
| CVE-2007-4839 | 0.00 | — | 0.01 | Sep 12, 2007 | Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK33803. | |||
| CVE-2007-4833 | 0.00 | — | 0.02 | Sep 12, 2007 | Unspecified vulnerability in the Edge Component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK44789. | |||
| CVE-2007-4791 | 0.00 | — | 0.00 | Sep 10, 2007 | Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2005-3504 and CVE-2007-0978. | |||
| CVE-2007-4798 | 0.00 | — | 0.00 | Sep 10, 2007 | Unspecified vulnerability in invscout in Inventory Scout in invscout.rte in IBM AIX 5.2 and 5.3 allows local users to delete system files that have names matching the final substring of a hostname alias, as demonstrated by hostnames ending in "unix". | |||
| CVE-2007-4799 | 0.00 | — | 0.00 | Sep 10, 2007 | The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not verify privileges when processing a SET call, which allows local users to cause a denial of service (system hang or crash) via unspecified SET operations. | |||
| CVE-2007-4797 | 0.00 | — | 0.00 | Sep 10, 2007 | Multiple buffer overflows in unspecified svprint (System V print) commands in bos.svprint.rte in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors. | |||
| CVE-2007-4796 | 0.00 | — | 0.00 | Sep 10, 2007 | Buffer overflow in uucp in bos.net.uucp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. | |||
| CVE-2007-4793 | 0.00 | — | 0.00 | Sep 10, 2007 | Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. | |||
| CVE-2007-4794 | 0.00 | — | 0.00 | Sep 10, 2007 | Buffer overflow in fcstat in devices.common.IBM.fc.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long input parameter. | |||
| CVE-2007-4792 | 0.00 | — | 0.00 | Sep 10, 2007 | Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors. | |||
| CVE-2007-4795 | 0.00 | — | 0.00 | Sep 10, 2007 | Buffer overflow in mkpath in bos.rte.methods in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long ODM name. | |||
| CVE-2007-4598 | 0.00 | — | 0.00 | Aug 30, 2007 | IBM SurePOS 500 has (1) a default password of "12345" for the manager and (2) blank default passwords for operator accounts. | |||
| CVE-2007-4418 | 0.00 | — | 0.01 | Aug 18, 2007 | IBM DB2 UDB 8 before Fixpak 15 does not properly check authorization, which allows remote authenticated users with a certain SELECT privilege to have an unknown impact via unspecified vectors. NOTE: this issue is probably related to CVE-2007-1089, but this is uncertain due to… | |||
| CVE-2007-4423 | 0.00 | — | 0.04 | Aug 18, 2007 | Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument. | |||
| CVE-2007-4276 | 0.00 | — | 0.01 | Aug 18, 2007 | Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer. | |||
| CVE-2007-4417 | 0.00 | — | 0.01 | Aug 18, 2007 | IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not properly revoke privileges on methods, which allows remote authenticated users to execute a method after revocation until the routine auth cache is flushed. | |||
| CVE-2007-4272 | 0.00 | — | 0.00 | Aug 18, 2007 | Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via (1) unspecified vectors where an attacker's umask is honored, (2) /etc/ld.so.preload, (3) certain "cron data file locations", and other unspecified… | |||
| CVE-2007-4275 | 0.00 | — | 0.00 | Aug 18, 2007 | Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain privileges via certain vectors related to (1) DB2 instance or FMP startup on Linux and Solaris; (2) exec of executables while running as root on… | |||
| CVE-2007-4273 | 0.00 | — | 0.00 | Aug 18, 2007 | IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE environment… | |||
| CVE-2007-4271 | 0.00 | — | 0.00 | Aug 18, 2007 | Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to "/tmp/" and used as a log file. NOTE: this issue might be… | |||
| CVE-2007-4270 | 0.00 | — | 0.00 | Aug 18, 2007 | Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain root privileges via a symlink attack on certain files. | |||
| CVE-2007-2928 | 0.00 | — | 0.05 | Aug 15, 2007 | Format string vulnerability in the IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), allows remote attackers to execute arbitrary code via… | |||
| CVE-2007-2240 | 0.00 | — | 0.03 | Aug 15, 2007 | The IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), does not properly validate digital signatures of downloaded software, which makes it… | |||
| CVE-2007-2929 | 0.00 | — | 0.03 | Aug 15, 2007 | The IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), exposes unsafe methods to arbitrary web domains, which allows remote attackers to… | |||
| CVE-2007-4355 | 0.00 | — | 0.00 | Aug 15, 2007 | Buffer overflow in the at program on IBM AIX 5.3 allows local users to gain privileges via unspecified vectors. | |||
| CVE-2007-4354 | 0.00 | — | 0.00 | Aug 15, 2007 | Buffer overflow in fileplace in bos.perf.tools in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. | |||
| CVE-2007-4353 | 0.00 | — | 0.00 | Aug 15, 2007 | Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in the system group to gain root privileges via unspecified vectors involving the (1) chpath, (2) rmpath, and (3) devinstall programs in bos.rte.methods. | |||
| CVE-2007-4309 | 0.00 | — | 0.01 | Aug 13, 2007 | IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696. | |||
| CVE-2007-4238 | 0.00 | — | 0.00 | Aug 8, 2007 | AIX 5.2 and 5.3 install pioinit with user and group ownership of bin, which allows local users with bin or possibly printq privileges to gain root privileges by modifying pioinit. |
- CVE-2007-5924Nov 10, 2007risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in the Web Server (HTTP) task in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.2 FP2, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2007-5819Nov 5, 2007risk 0.00cvss —epss 0.00
IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak permissions (unrestricted write) for the Central Admin Global download directory, which allows local users to place arbitrary files into a location used for updating CDP clients.
- CVE-2007-5805Nov 5, 2007risk 0.00cvss —epss 0.00
cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create an arbitrary file, and enable world writability of this file, via a symlink attack involving use of the file's name as the…
- CVE-2007-5804Nov 5, 2007risk 0.00cvss —epss 0.00
cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create or overwrite an arbitrary file, and enable world writability of this file, by using the file's name as the argument.
- CVE-2007-4622Nov 5, 2007risk 0.00cvss —epss 0.00
Integer underflow in the dns_name_fromtext function in (1) libdns_nonsecure.a and (2) libdns_secure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" (TSIG key) command line argument to dig.
- CVE-2007-4217Nov 5, 2007risk 0.00cvss —epss 0.00
Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long parameter to a macro, as demonstrated by executing a macro via the '$' command.
- CVE-2007-4513Nov 5, 2007risk 0.00cvss —epss 0.01
Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the (1) "-p" option to lqueryvg or (2) the "-V" option to lquerypv.
- CVE-2007-4623Nov 5, 2007risk 0.00cvss —epss 0.01
Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via a long parameter to the m command.
- CVE-2007-4621Nov 5, 2007risk 0.00cvss —epss 0.00
Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments.
- CVE-2007-5799Nov 3, 2007risk 0.00cvss —epss 0.01
Multiple cross-site request forgery (CSRF) vulnerabilities in uddigui/navigateTree.do in the UDDI user console in IBM WebSphere Application Server (WAS) before 6.1.0 Fix Pack 13 (6.1.0.13) allow remote attackers to perform some actions as WAS UDDI users via the (1) keyField, (2)…
- CVE-2007-5798Nov 3, 2007risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in uddigui/navigateTree.do in the UDDI user console in IBM WebSphere Application Server (WAS) before 6.1.0 Fix Pack 13 (6.1.0.13) allow remote attackers to inject arbitrary web script or HTML via the (1) keyField, (2)…
- CVE-2007-4348Oct 30, 2007risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in the CAD service in IBM Tivoli Storage Manager (TSM) Client 5.3.5.3 and 5.4.1.2 for Windows allows remote attackers to inject arbitrary web script or HTML via HTTP requests to port 1581, which generate log entries in a dsmerror.log file…
- CVE-2007-4222Oct 29, 2007risk 0.00cvss —epss 0.04
Buffer overflow in the TagAttributeListCopy function in nnotes.dll in IBM Lotus Notes before 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML email, related to duplicate RTF conversion when the recipient operates on this email.
- CVE-2007-3510Oct 29, 2007risk 0.00cvss —epss 0.05
Buffer overflow in the IMAP service in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.3, allows remote authenticated users to execute arbitrary code via a long mailbox name.
- CVE-2007-5701Oct 29, 2007risk 0.00cvss —epss 0.00
Incomplete blacklist vulnerability in the Certificate Authority (CA) in IBM Lotus Domino before 7.0.3 allows local users, or attackers with physical access, to obtain sensitive information (passwords) when an administrator enters a "ca activate" or "ca unlock" command with any…
- CVE-2007-5700Oct 29, 2007risk 0.00cvss —epss 0.01
The Evaluate LotusScript method in IBM Lotus Domino before 7.0.3 uses an incorrect security context for @ formula commands in some circumstances, which might allow remote authenticated users to gain privileges and obtain sensitive information.
- CVE-2007-5652Oct 23, 2007risk 0.00cvss —epss 0.02
IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of this issue is too vague to…
- CVE-2007-5559Oct 18, 2007risk 0.00cvss —epss 0.05
Heap-based buffer overflow in the IBM ThinkVantage TPM Service allows remote attackers to execute arbitrary code via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known…
- CVE-2007-5483Oct 16, 2007risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Administrative Scripting Tools (such as wsadmin or ANT) in IBM WebSphere Application Server 5.x and 6.0.x has unknown impact and attack vectors.
- CVE-2007-5090Sep 26, 2007risk 0.00cvss —epss 0.02
Unspecified vulnerability in IBM Rational ClearQuest (CQ), when a Microsoft SQL Server or an IBM DB2 database is used, allows attackers to corrupt data via unspecified vectors.
- CVE-2007-5022Sep 21, 2007risk 0.00cvss —epss 0.02
Unspecified vulnerability in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5.1.8.1, 5.2 before 5.2.5.2, 5.3 before 5.3.5.3, and 5.4 before 5.4.1.2, when using "server-initiated prompted scheduling," allows remote attackers to read a client's data, aka IC53616.
- CVE-2007-4839Sep 12, 2007risk 0.00cvss —epss 0.01
Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK33803.
- CVE-2007-4833Sep 12, 2007risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Edge Component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK44789.
- CVE-2007-4791Sep 10, 2007risk 0.00cvss —epss 0.00
Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2005-3504 and CVE-2007-0978.
- CVE-2007-4798Sep 10, 2007risk 0.00cvss —epss 0.00
Unspecified vulnerability in invscout in Inventory Scout in invscout.rte in IBM AIX 5.2 and 5.3 allows local users to delete system files that have names matching the final substring of a hostname alias, as demonstrated by hostnames ending in "unix".
- CVE-2007-4799Sep 10, 2007risk 0.00cvss —epss 0.00
The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not verify privileges when processing a SET call, which allows local users to cause a denial of service (system hang or crash) via unspecified SET operations.
- CVE-2007-4797Sep 10, 2007risk 0.00cvss —epss 0.00
Multiple buffer overflows in unspecified svprint (System V print) commands in bos.svprint.rte in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors.
- CVE-2007-4796Sep 10, 2007risk 0.00cvss —epss 0.00
Buffer overflow in uucp in bos.net.uucp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.
- CVE-2007-4793Sep 10, 2007risk 0.00cvss —epss 0.00
Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.
- CVE-2007-4794Sep 10, 2007risk 0.00cvss —epss 0.00
Buffer overflow in fcstat in devices.common.IBM.fc.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long input parameter.
- CVE-2007-4792Sep 10, 2007risk 0.00cvss —epss 0.00
Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.
- CVE-2007-4795Sep 10, 2007risk 0.00cvss —epss 0.00
Buffer overflow in mkpath in bos.rte.methods in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long ODM name.
- CVE-2007-4598Aug 30, 2007risk 0.00cvss —epss 0.00
IBM SurePOS 500 has (1) a default password of "12345" for the manager and (2) blank default passwords for operator accounts.
- CVE-2007-4418Aug 18, 2007risk 0.00cvss —epss 0.01
IBM DB2 UDB 8 before Fixpak 15 does not properly check authorization, which allows remote authenticated users with a certain SELECT privilege to have an unknown impact via unspecified vectors. NOTE: this issue is probably related to CVE-2007-1089, but this is uncertain due to…
- CVE-2007-4423Aug 18, 2007risk 0.00cvss —epss 0.04
Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument.
- CVE-2007-4276Aug 18, 2007risk 0.00cvss —epss 0.01
Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer.
- CVE-2007-4417Aug 18, 2007risk 0.00cvss —epss 0.01
IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not properly revoke privileges on methods, which allows remote authenticated users to execute a method after revocation until the routine auth cache is flushed.
- CVE-2007-4272Aug 18, 2007risk 0.00cvss —epss 0.00
Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via (1) unspecified vectors where an attacker's umask is honored, (2) /etc/ld.so.preload, (3) certain "cron data file locations", and other unspecified…
- CVE-2007-4275Aug 18, 2007risk 0.00cvss —epss 0.00
Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain privileges via certain vectors related to (1) DB2 instance or FMP startup on Linux and Solaris; (2) exec of executables while running as root on…
- CVE-2007-4273Aug 18, 2007risk 0.00cvss —epss 0.00
IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE environment…
- CVE-2007-4271Aug 18, 2007risk 0.00cvss —epss 0.00
Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to "/tmp/" and used as a log file. NOTE: this issue might be…
- CVE-2007-4270Aug 18, 2007risk 0.00cvss —epss 0.00
Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain root privileges via a symlink attack on certain files.
- CVE-2007-2928Aug 15, 2007risk 0.00cvss —epss 0.05
Format string vulnerability in the IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), allows remote attackers to execute arbitrary code via…
- CVE-2007-2240Aug 15, 2007risk 0.00cvss —epss 0.03
The IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), does not properly validate digital signatures of downloaded software, which makes it…
- CVE-2007-2929Aug 15, 2007risk 0.00cvss —epss 0.03
The IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), exposes unsafe methods to arbitrary web domains, which allows remote attackers to…
- CVE-2007-4355Aug 15, 2007risk 0.00cvss —epss 0.00
Buffer overflow in the at program on IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.
- CVE-2007-4354Aug 15, 2007risk 0.00cvss —epss 0.00
Buffer overflow in fileplace in bos.perf.tools in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.
- CVE-2007-4353Aug 15, 2007risk 0.00cvss —epss 0.00
Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in the system group to gain root privileges via unspecified vectors involving the (1) chpath, (2) rmpath, and (3) devinstall programs in bos.rte.methods.
- CVE-2007-4309Aug 13, 2007risk 0.00cvss —epss 0.01
IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696.
- CVE-2007-4238Aug 8, 2007risk 0.00cvss —epss 0.00
AIX 5.2 and 5.3 install pioinit with user and group ownership of bin, which allows local users with bin or possibly printq privileges to gain root privileges by modifying pioinit.
Page 158 of 166