Vulnerabilities > IBM > Rational Clearcase
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-09-23 | CVE-2014-3090 | XML Entity Expansion Denial of Service vulnerability in IBM Rational ClearCase IBM Rational ClearCase 7.1 before 7.1.2.15, 8.0.0 before 8.0.0.12, and 8.0.1 before 8.0.1.5 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. | 5.0 |
| 2014-03-21 | CVE-2014-0829 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Rational Clearcase Multiple buffer overflows in IBM Rational ClearCase 7.x before 7.1.2.13, 8.0.0.x before 8.0.0.10, and 8.0.1.x before 8.0.1.3 allow remote authenticated users to obtain privileged access via unspecified vectors. | 6.5 |
| 2013-12-19 | CVE-2013-5422 | Information Exposure vulnerability in IBM Rational Clearcase The Web Client in IBM Rational ClearQuest 7.1 through 7.1.2.12, 8.0.0.x before 8.0.0.9, and 8.0.1.x before 8.0.1.2, when a multi-database dataset exists, allows remote attackers to read database names via unspecified vectors. | 4.3 |
| 2013-12-18 | CVE-2013-5416 | Local Privilege Escalation vulnerability in IBM Rational ClearCase Unspecified vulnerability in IBM Rational ClearCase through 7.1.2.12, 8.0.0.x before 8.0.0.9, and 8.0.1.x before 8.0.1.2 allows local users to gain privileges via unknown vectors. | 7.2 |
| 2013-12-18 | CVE-2013-5415 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Rational Clearcase Buffer overflow in IBM Rational ClearCase through 7.1.2.12, 8.0.0.x before 8.0.0.9, and 8.0.1.x before 8.0.1.2 allows local users to gain privileges via unspecified vectors. | 7.2 |
| 2013-09-25 | CVE-2013-5373 | Permissions, Privileges, and Access Controls vulnerability in IBM Rational Clearcase The RemoteClient component in IBM Rational ClearCase 8.0.0.03 through 8.0.0.07, and 8.0.1, uses world-writable permissions for the rcleartool script, which allows local users to gain privileges by appending commands. | 6.9 |
| 2011-03-29 | CVE-2011-1205 | Buffer Errors vulnerability in IBM products Multiple buffer overflows in unspecified COM objects in Rational Common Licensing 7.0 through 7.1.1.4 in IBM Rational ClearCase 7.0.0.4 through 7.1.1.4, ClearQuest 7.0.0.4 through 7.1.1.4, and other products allow local users to gain privileges via a Trojan horse HTML document in the My Computer zone. | 6.9 |
| 2009-12-18 | CVE-2009-4357 | Information Exposure vulnerability in IBM Rational Clearcase and Rational Clearquest CQWeb (aka the web interface) in IBM Rational ClearQuest before 7.1.1 does not properly handle use of legacy URLs for automatic login, which might allow attackers to discover the passwords for user accounts via unspecified vectors. | 5.0 |
| 2009-04-14 | CVE-2009-1292 | Information Exposure vulnerability in IBM Rational Clearcase UCM-CQ in IBM Rational ClearCase 7.0.0.x before 7.0.0.5, 7.0.1.x before 7.0.1.4, and 7.1.x before 7.1.0.1 on Linux and AIX places a username and password on the command line, which allows local users to obtain credentials by listing the process. | 2.1 |