Vulnerabilities > IBM > AIX > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-02-13 CVE-2018-1383 Unspecified vulnerability in IBM AIX
A software logic bug creates a vulnerability in an AIX 6.1, 7.1, and 7.2 daemon which could allow a user with root privileges on one system, to obtain root access on another machine.
network
low complexity
ibm
critical
9.0
2011-03-23 CVE-2010-4773 Remote Security vulnerability in Hitachi products
Unspecified vulnerability in Hitachi EUR Form Client before 05-10 -/D 2010.11.15 and 05-10-CA (* 2) 2010.11.15; Hitachi EUR Form Service before 05-10 -/D 2010.11.15; and uCosminexus EUR Form Service before 07-60 -/D 2010.11.15 on Windows, before 05-10 -/D 2010.11.15 and 07-50 -/D 2010.11.15 on Linux, and before 07-50 -/C 2010.11.15 on AIX; allows remote attackers to execute arbitrary code via unknown attack vectors.
network
low complexity
hitachi microsoft linux ibm
critical
10.0
2010-08-30 CVE-2010-3187 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX
Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command.
network
low complexity
ibm CWE-119
critical
10.0
2010-05-20 CVE-2010-1039 USE of Externally-Controlled Format String vulnerability in multiple products
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.
network
low complexity
hp ibm sgi CWE-134
critical
10.0
2009-10-15 CVE-2009-3699 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX and Vios
Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.
network
low complexity
ibm CWE-119
critical
10.0
2009-10-01 CVE-2009-3517 Authentication Bypass vulnerability in IBM AIX 'nfs_portmon'
nfs.ext in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly use the nfs_portmon setting, which allows remote attackers to bypass intended access restrictions for NFSv4 shares via unspecified vectors.
network
low complexity
ibm
critical
10.0
2009-08-10 CVE-2009-2727 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX
Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote attackers to execute arbitrary code via a long XDR-encoded ASCII string to remote procedure 15.
network
ibm CWE-119
critical
9.3
2007-07-15 CVE-2007-3794 Buffer Overflow vulnerability in Multiple Hitachi Products GIF Image
Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application.
network
low complexity
microsoft hitachi linux hp ibm sun
critical
10.0
2006-09-27 CVE-2006-5008 Local Privilege Escalation and Denial of Service vulnerability in IBM AIX 5.2.0/5.3.0
Unspecified vulnerability in utape in IBM AIX 5.2.0 and 5.3.0 allows attackers to execute arbitrary commands and overwrite arbitrary files via unspecified vectors.
network
low complexity
ibm
critical
10.0
2005-12-15 CVE-2005-4272 Local Buffer Overflow vulnerability in IBM AIX slocal
Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal.
network
low complexity
ibm
critical
10.0