IBM vulnerabilities: High risk

DATE CVE VULNERABILITY TITLE RISK
2007-11-05 CVE-2007-4621 Buffer Errors vulnerability in IBM AIX 5.2
Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments.
local
low complexity
ibm CWE-119
7.2
2007-11-05 CVE-2007-4513 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX 5.2/5.3
Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the (1) "-p" option to lqueryvg or (2) the "-V" option to lquerypv.
local
low complexity
ibm CWE-119
7.2
2007-11-05 CVE-2007-4217 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX 5.2/5.3
Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long parameter to a macro, as demonstrated by executing a macro via the '$' command.
local
low complexity
ibm CWE-119
7.2
2007-10-29 CVE-2007-5544 Incorrect Permission Assignment for Critical Resource vulnerability in IBM Lotus Notes
IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session.
local
low complexity
ibm CWE-732
7.8
2007-10-23 CVE-2007-5652 Buffer Errors vulnerability in IBM DB2 9.1
IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption.
network
low complexity
ibm CWE-119
7.8
2007-09-18 CVE-2007-4938 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.
7.6
2007-09-12 CVE-2007-4839 Remote Security vulnerability in IBM Websphere Application Server 6.1.0.9
Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK33803.
network
low complexity
ibm
7.5
2007-09-10 CVE-2007-4797 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX 5.2/5.3
Multiple buffer overflows in unspecified svprint (System V print) commands in bos.svprint.rte in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors.
local
low complexity
ibm CWE-119
7.2
2007-09-10 CVE-2007-4796 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX 5.2/5.3
Buffer overflow in uucp in bos.net.uucp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.
local
low complexity
ibm CWE-119
7.2
2007-09-10 CVE-2007-4795 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX 5.2/5.3
Buffer overflow in mkpath in bos.rte.methods in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long ODM name.
local
low complexity
ibm CWE-119
7.2