Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-06-02 | CVE-2008-2513 | Buffer Errors vulnerability in IBM AIX 5.2/5.3/6.1 Buffer overflow in the kernel in IBM AIX 5.2, 5.3, and 6.1 allows local users to execute arbitrary code in kernel mode via unknown attack vectors. | 7.2 |
| 2008-05-29 | CVE-2008-2499 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Lotus Sametime Stack-based buffer overflow in the Community Services Multiplexer (aka MUX or StMux.exe) in IBM Lotus Sametime 7.5.1 CF1 and earlier, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code via a crafted URL. | 7.5 |
| 2008-05-09 | CVE-2008-2122 | Missing Release of Resource after Effective Lifetime vulnerability in IBM Rational Build Forge 7.0.2 IBM Rational Build Forge 7.0.2 allows remote attackers to cause a denial of service (CPU consumption) via a port scan, which spawns multiple bfagent server processes that attempt to read data from closed sockets. | 7.5 |
| 2008-04-28 | CVE-2008-1998 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 8.0/9.1/9.5 The NNSTAT (aka SYSPROC.NNSTAT) procedure in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 on Windows allows remote authenticated users to overwrite arbitrary files via the log file parameter. | 8.5 |
| 2008-04-09 | CVE-2008-1710 | Permissions, Privileges, and Access Controls vulnerability in IBM AIX 6.1 Untrusted search path vulnerability in chnfsmnt in IBM AIX 6.1 allows local users to gain privileges via a modified PATH environment variable. | 7.2 |
| 2008-03-31 | CVE-2008-1601 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX 5.2/5.3 Stack-based buffer overflow in the reboot program on IBM AIX 5.2 and 5.3 allows local users in the shutdown group to gain privileges. | 7.2 |
| 2008-03-31 | CVE-2008-1600 | Permissions, Privileges, and Access Controls vulnerability in IBM AIX 5.2/5.3/6.1 The lsmcode program on IBM AIX 5.2, 5.3, and 6.1 does not properly handle environment variables, which allows local users to gain privileges, a different vulnerability than CVE-2004-1329. | 7.2 |
| 2008-03-31 | CVE-2008-1599 | Permissions, Privileges, and Access Controls vulnerability in IBM AIX 5.2/5.3/6.1 The nddstat programs on IBM AIX 5.2, 5.3, and 6.1 do not properly handle environment variables, which allows local users to gain privileges by invoking (1) atmstat, (2) entstat, (3) fddistat, (4) hdlcstat, or (5) tokstat. | 7.2 |
| 2008-03-31 | CVE-2008-1596 | Permissions, Privileges, and Access Controls vulnerability in IBM AIX 5.2/5.3/6.1 Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block_write function, which might allow local users to modify trusted files, related to missing checks in the TSD_FILES_LOCK policy for modifications performed via hard links, a different vulnerability than CVE-2007-6680. | 7.2 |
| 2008-03-31 | CVE-2008-1593 | Permissions, Privileges, and Access Controls vulnerability in IBM AIX 5.2/5.3/6.1 The checkpoint and restart feature in the kernel in IBM AIX 5.2, 5.3, and 6.1 does not properly protect kernel memory, which allows local users to read and modify portions of memory and gain privileges via unspecified vectors involving a restart of a 64-bit process, probably related to the as_getadsp64 function. | 7.2 |