Vulnerabilities > IBM > AIX > Medium

DATE CVE VULNERABILITY TITLE RISK
2007-06-04 CVE-2007-2995 Remote Security vulnerability in IBM AIX 5.2.0/5.3
Unspecified vulnerability in sysmgt.websm.rte in IBM AIX 5.2.0 and 5.3.0 has unknown impact and attack vectors.
network
ibm
4.3
2007-04-24 CVE-2007-2191 HTML Injection vulnerability in Freepbx 2.2.1/2.2Rc1
Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by admin/modules/logfiles/asterisk-full-log.php.
6.8
2007-03-02 CVE-2007-1223 Denial-Of-Service vulnerability in OSAS/FT/W
Unspecified vulnerability in Hitachi OSAS/FT/W before 20070223 allows attackers to cause a denial of service (responder control processing halt) by sending "data unexpectedly through the port".
network
low complexity
hitachi ibm sun
5.0
2007-02-03 CVE-2007-0670 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX 5.2/5.3
Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via the "r-commands", possibly including (1) rdist, (2) rsh, (3) rcp, (4) rsync, and (5) rlogin.
local
low complexity
ibm CWE-119
4.6
2007-01-19 CVE-2007-0392 Local Security vulnerability in IBM AIX 5.3
IBM AIX 5.3 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.
local
low complexity
ibm
4.6
2006-12-31 CVE-2006-6915 Denial Of Service vulnerability in IBM AIX 5.2.0/5.3.0
ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service (port exhaustion) via unspecified vectors.
network
low complexity
ibm
4.0
2006-12-31 CVE-2006-6914 Local Information Disclosure vulnerability in IBM AIX 5.2.0/5.3.0
Unspecified vulnerability in ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote attackers to obtain sensitive information, including passwords, via unspecified vectors.
network
low complexity
ibm
5.0
2006-09-27 CVE-2006-5007 Local Privilege Escalation vulnerability in IBM AIX 5.2.0/5.3.0
Untrusted search path vulnerability in uucp in IBM AIX 5.2.0 and 5.3.0 allows local users to gain privileges via a Trojan horse program involving uux.
local
low complexity
ibm
4.6
2006-03-10 CVE-2006-0667 Local Security vulnerability in AIX 5.2/5.3
lscfg in IBM AIX 5.2 and 5.3 allows local users to modify arbitrary files via a symlink attack.
local
low complexity
ibm
4.6
2006-02-15 CVE-2006-0666 Local Kernel Denial Of Service vulnerability in IBM AIX 5.3/5.3L
Unspecified vulnerability in the (1) unix_mp and (2) unix_64 kernels in IBM AIX 5.3 VRMF 5.3.0.30 through 5.3.0.33 allows local users to cause a denial of service (system crash) via unknown vectors related to EMULATE_VMX.
local
low complexity
ibm
4.9