Vulnerabilities > IBM

DATE CVE VULNERABILITY TITLE RISK
2007-10-29 CVE-2007-3510 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Lotus Domino
Buffer overflow in the IMAP service in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.3, allows remote authenticated users to execute arbitrary code via a long mailbox name.
network | low complexity | ibm | CWE-119 | critical | 9.0
2007-10-23 CVE-2007-5652 Buffer Errors vulnerability in IBM DB2 9.1
IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption.
network | low complexity | ibm | CWE-119 | 7.8
2007-10-18 CVE-2007-5559 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Thinkvantage TPM
Heap-based buffer overflow in the IBM ThinkVantage TPM Service allows remote attackers to execute arbitrary code via a crafted HTTP packet.
network | low complexity | ibm | CWE-119 | critical | 10.0
2007-10-16 CVE-2007-5483 Unspecified vulnerability in IBM WebSphere Application Server Administrative Scripting Tools
Unspecified vulnerability in the Administrative Scripting Tools (such as wsadmin or ANT) in IBM WebSphere Application Server 5.x and 6.0.x has unknown impact and attack vectors.
network | low complexity | ibm | critical | 10.0
2007-09-28 CVE-2007-4880 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Tivoli Storage Manager Client
Buffer overflow in the Client Acceptor Daemon (CAD), dsmcad.exe, in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5.1.8.1, 5.2 before 5.2.5.2, 5.3 before 5.3.5.3, and 5.4 before 5.4.1.2 allows remote attackers to execute arbitrary code via crafted HTTP headers, aka IC52905.
network | low complexity | ibm | CWE-119 | critical | 10.0
2007-09-21 CVE-2007-5022 Information Exposure vulnerability in IBM Tivoli Storage Manager Client
Unspecified vulnerability in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5.1.8.1, 5.2 before 5.2.5.2, 5.3 before 5.3.5.3, and 5.4 before 5.4.1.2, when using "server-initiated prompted scheduling," allows remote attackers to read a client's data, aka IC53616.
network | low complexity | ibm | CWE-200 | 5.0
2007-09-18 CVE-2007-4938 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.
7.6
2007-09-12 CVE-2007-4839 Remote Security vulnerability in IBM Websphere Application Server 6.1.0.9
Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK33803.
network | low complexity | ibm | 7.5
2007-09-12 CVE-2007-4833 Unspecified vulnerability in IBM WebSphere Application Server Edge Component
Unspecified vulnerability in the Edge Component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK44789.
network | low complexity | ibm | 5.0
2007-09-10 CVE-2007-4799 Permissions, Privileges, and Access Controls vulnerability in IBM AIX 5.3
The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not verify privileges when processing a SET call, which allows local users to cause a denial of service (system hang or crash) via unspecified SET operations.
local | low complexity | ibm | CWE-264 | 4.9