Vulnerabilities > IBM

DATE CVE VULNERABILITY TITLE RISK
2007-03-02 CVE-2007-1223 Denial-Of-Service vulnerability in OSAS/FT/W
Unspecified vulnerability in Hitachi OSAS/FT/W before 20070223 allows attackers to cause a denial of service (responder control processing halt) by sending "data unexpectedly through the port".
network
low complexity
hitachi ibm sun
5.0
2007-02-23 CVE-2007-1089 Local Security vulnerability in IBM DB2 Universal Database 8.0/9.1
IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local users with table SELECT privileges to perform unauthorized UPDATE and DELETE SQL commands via unknown vectors.
local
low complexity
linux microsoft ibm
7.2
2007-02-23 CVE-2007-1088 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM DB2
Stack-based buffer overflow in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allows local users to execute arbitrary code via a long string in unspecified environment variables.
local
low complexity
ibm CWE-119
7.2
2007-02-23 CVE-2007-1087 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM DB2
IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 does not properly terminate certain input strings, which allows local users to execute arbitrary code via unspecified environment variables that trigger a heap-based buffer overflow.
local
low complexity
ibm CWE-119
7.2
2007-02-23 CVE-2007-1086 Local Privilege Escalation vulnerability in IBM DB2 Universal Database
Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to "unsafe file access."
local
low complexity
hp ibm linux microsoft sun
7.2
2007-02-23 CVE-2006-7034 SQL-Injection vulnerability in Super Link Exchange Script Super Link Exchange Script 1.0
SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter.
7.5
2007-02-21 CVE-2007-1043 Authentication Bypass vulnerability in Ezboo Webstats 3.0.3
Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php.
7.5
2007-02-21 CVE-2007-1027 Link Following vulnerability in IBM DB2 9.0
Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users to overwrite arbitrary files via a symlink attack on the DB2DIAG.LOG temporary file.
local
ibm CWE-59
4.4
2007-02-16 CVE-2007-0978 Local Security vulnerability in IBM AIX 5.3
Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data.
local
low complexity
ibm
7.2
2007-02-16 CVE-2007-0977 Remote Security vulnerability in Lotus Domino 5.0/6.0
IBM Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores HTTPPassword hashes from names.nsf in a manner accessible through Readviewentries and OpenDocument requests to the defaultview view, a different vector than CVE-2005-2428.
network
ibm
7.1