Vulnerabilities > IBM > OS2

DATE	CVE	VULNERABILITY TITLE	RISK
2007-09-18	CVE-2007-4938	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value. network high complexity apple hp ibm linux mandrakesoft microsoft santa-cruz-operation sun windriver mplayer sgi CWE-119	7.6
2007-05-17	CVE-2007-2736	Remote File Include vulnerability in Achievo 1.1.0 PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter. network low complexity apple hp ibm linux microsoft santa-cruz-operation sun windriver achievo critical	10.0
2007-02-23	CVE-2006-7034	SQL-Injection vulnerability in Super Link Exchange Script Super Link Exchange Script 1.0 SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter. network low complexity apple hp ibm linux microsoft santa-cruz-operation sun windriver super-link-exchange-script	7.5
2007-02-21	CVE-2007-1043	Authentication Bypass vulnerability in Ezboo Webstats 3.0.3 Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php. network low complexity apple hp ibm linux microsoft santa-cruz-operation sun windriver ezboo	7.5