Vulnerabilities > IBM
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-06-19 | CVE-2007-3264 | Unspecified vulnerability in IBM Websphere Application Server Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier has unknown impact and attack vectors. | 10.0 |
2007-06-19 | CVE-2007-3263 | Unspecified vulnerability in IBM Websphere Application Server Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier has unknown impact and attack vectors, related to "incorrect authorization on a remote interface to the SDO repository." | 10.0 |
2007-06-19 | CVE-2007-3262 | Unspecified vulnerability in IBM Websphere Application Server Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier allows remote attackers to cause a denial of service related to a thread hang, and possibly related to a "TCP issue," or to MPAlarmThread and a resultant memory leak. | 7.8 |
2007-06-19 | CVE-2007-3128 | SQL Injection vulnerability in IBM Websphere Portal 1.0 SQL injection vulnerability in content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the page parameter. | 6.4 |
2007-06-19 | CVE-2007-3127 | Information Disclosure vulnerability in IBM Websphere Portal 1.0 content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allows remote attackers to obtain sensitive information via a "';" (quote semicolon) sequence in the page parameter, which reveals the installation path in the resulting forced SQL error message. | 5.0 |
2007-06-15 | CVE-2007-3232 | Remote Telnet Backdoor vulnerability in IBM Totalstorage Ds400 4.15 The IBM TotalStorage DS400 with firmware 4.15 uses a blank password for the (1) root, (2) user, (3) manager, (4) administrator, and (5) operator accounts, which allows remote attackers to gain login access via certain Linux daemons, including a telnet daemon on a nonstandard port, tcp/6000. | 10.0 |
2007-06-06 | CVE-2007-0068 | Local Privilege Escalation vulnerability in IBM Lotus Domino 7.0/7.0.1/7.0.2 IBM Lotus Domino 7.0.x before 7.0.3 does not revalidate the signature on a signed scheduled agent after the agent is modified, which allows remote authenticated users to gain privileges via a modified agent in a server database. | 9.3 |
2007-06-06 | CVE-2007-0067 | Remote Denial of Service vulnerability in IBM Lotus Domino Web Server Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files. | 7.8 |
2007-06-04 | CVE-2007-2996 | Local Arbitrary Code Execution vulnerability in IBM AIX Perl Interpreter Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM AIX 5.2, and 5.8.2.10 through 5.8.2.50 on AIX 5.3, allows local users to gain privileges via unspecified vectors related to the installation and "waiting for a legitimate user to execute a binary that ships with Perl." local ibm | 6.6 |
2007-06-04 | CVE-2007-2995 | Remote Security vulnerability in IBM AIX 5.2.0/5.3 Unspecified vulnerability in sysmgt.websm.rte in IBM AIX 5.2.0 and 5.3.0 has unknown impact and attack vectors. network ibm | 4.3 |