Vulnerabilities > IBM

DATE CVE VULNERABILITY TITLE RISK
2007-02-16 CVE-2007-0977 Remote Security vulnerability in Lotus Domino 5.0/6.0
IBM Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores HTTPPassword hashes from names.nsf in a manner accessible through Readviewentries and OpenDocument requests to the defaultview view, a different vector than CVE-2005-2428.
Tags: network, ibm. Risk: 7.1
2007-02-03 CVE-2007-0670 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX 5.2/5.3
Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via the "r-commands", possibly including (1) rdist, (2) rsh, (3) rcp, (4) rsync, and (5) rlogin.
Tags: local, low complexity, ibm, CWE-119. Risk: 4.6
2007-01-31 CVE-2007-0618 Authentication Bypass vulnerability in IBM AIX 5.3.0
Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
Tags: network, low complexity, ibm. Risk: 7.5
2007-01-23 CVE-2007-0442 Remote Security vulnerability in IBM OS/400
Unspecified vulnerability in IBM OS/400 R530 and R535 has unknown impact and remote attack vectors, related to an "Integrity Problem" involving LIC-TCPIP and TCP reset.
Tags: network, low complexity, ibm. Risk: 5.0
2007-01-19 CVE-2007-0392 Local Security vulnerability in IBM AIX 5.3
IBM AIX 5.3 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.
Tags: local, low complexity, ibm. Risk: 4.6
2006-12-31 CVE-2006-6915 Denial Of Service vulnerability in IBM AIX 5.2.0/5.3.0
ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service (port exhaustion) via unspecified vectors.
Tags: network, low complexity, ibm. Risk: 4.0
2006-12-31 CVE-2006-6914 Local Information Disclosure vulnerability in IBM AIX 5.2.0/5.3.0
Unspecified vulnerability in ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote attackers to obtain sensitive information, including passwords, via unspecified vectors.
Tags: network, low complexity, ibm. Risk: 5.0
2006-12-31 CVE-2006-6836 Multiple Unspecified vulnerability in IBM OS 400 V5R3M0
Multiple unspecified vulnerabilities in osp-cert in IBM OS/400 V5R3M0 have unspecified impact and attack vectors, related to ASN.1 parsing.
Tags: network, low complexity, ibm. Risk: 10.0 (critical)
2006-12-19 CVE-2006-6638 Remote SQLJRA Packet Denial of Service vulnerability in IBM DB2
IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257.
Tags: network, low complexity, ibm. Risk: 5.0
2006-12-19 CVE-2006-6637 Information Exposure vulnerability in IBM Websphere Application Server
The Servlet Engine and Web Container in IBM WebSphere Application Server (WAS) before 6.0.2.17, when ibm-web-ext.xmi sets fileServingEnabled to true and servlet caching is enabled, allows remote attackers to obtain JSP source code and other sensitive information via "specific requests."
Tags: network, low complexity, ibm, CWE-200. Risk: 5.0