Vulnerabilities > IBM
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-12-04 | CVE-2007-6232 | Cross-Site Scripting vulnerability in FTP Admin 0.1.0 Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action. | 4.3 |
2007-12-04 | CVE-2007-6219 | Cross-Site Scripting vulnerability in IBM Tivoli Netcool Security Manager 1.3.0 Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool Security Manager 1.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2007-11-21 | CVE-2007-5612 | Resource Management Errors vulnerability in IBM Director CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (CPU consumption, connection slot exhaustion, and daemon crash) via a large number of idle connections. | 7.8 |
2007-11-20 | CVE-2007-6053 | Resource Management Errors vulnerability in IBM DB2 Universal Database IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large numbers of file descriptors, which might allow attackers to have an unknown impact involving "memory corruption." NOTE: the vendor description of this issue is too vague to be certain that it is security-related. | 9.3 |
2007-11-20 | CVE-2007-6052 | Privilege Escalation vulnerability in IBM DB2 IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow attackers to cause a denial of service (divide-by-zero error and DBMS crash), related to an "overflow." NOTE: the vendor description of this issue is too vague to be certain that it is security-related. | 7.8 |
2007-11-20 | CVE-2007-6051 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the (1) DB2ADMNS and (2) DB2USERS alternative groups, which has unknown impact. | 10.0 |
2007-11-20 | CVE-2007-6050 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database Unspecified vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, related to creation of an "insecure directory." | 7.2 |
2007-11-20 | CVE-2007-6049 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database Unspecified vulnerability in the SSL LOAD GSKIT action in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, involving a call to dlopen when the effective uid is root. | 7.2 |
2007-11-20 | CVE-2007-6048 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for DB2NODES.CFG, which has unknown impact and attack vectors. | 10.0 |
2007-11-20 | CVE-2007-6047 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 before Fixpak 4 allows attackers to execute arbitrary commands as the DB2 instance owner, related to invocation of TPUT by DB2DART. | 10.0 |