Vulnerabilities > IBM > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-07-09 | CVE-2007-3626 | Denial Of Service vulnerability in Hitachi TPBroker Unspecified vulnerability in the ADM daemon in Hitachi TPBroker before 20070706 allows remote attackers to cause a denial of service (daemon crash) via a certain request. | 7.8 |
2007-07-03 | CVE-2007-3537 | Unspecified vulnerability in IBM OS 400 IBM OS/400 (aka i5/OS) V4R2M0 through V5R3M0 on iSeries machines sends responses to TCP SYN-FIN packets, which allows remote attackers to obtain system information and possibly bypass firewall rules. | 7.8 |
2007-06-19 | CVE-2007-3262 | Unspecified vulnerability in IBM Websphere Application Server Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier allows remote attackers to cause a denial of service related to a thread hang, and possibly related to a "TCP issue," or to MPAlarmThread and a resultant memory leak. | 7.8 |
2007-06-06 | CVE-2007-0067 | Remote Denial of Service vulnerability in IBM Lotus Domino Web Server Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files. | 7.8 |
2007-04-11 | CVE-2007-1945 | Unspecified vulnerability in IBM Websphere Application Server Unspecified vulnerability in the Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) before 6.1.0.7 has unknown impact and attack vectors. | 7.5 |
2007-04-02 | CVE-2007-1798 | Denial-Of-Service vulnerability in AIX 5.2/5.3 Buffer overflow in the drmgr command in IBM AIX 5.2 and 5.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long path name. | 7.2 |
2007-03-28 | CVE-2007-1739 | HTML Injection vulnerability in IBM Lotus Domino 7.0/7.0.1/7.0.2 Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service (crash) via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation. | 7.8 |
2007-03-22 | CVE-2007-1608 | HTTP Response Splitting vulnerability in IBM WebSphere Application Server CRLF injection vulnerability in IBM WebSphere Application Server (WAS) before 6.0.2.19 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a single CRLF sequence in a context that is not a valid multi-line header. | 7.5 |
2007-02-23 | CVE-2007-1089 | Local Security vulnerability in IBM DB2 Universal Database 8.0/9.1 IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local users with table SELECT privileges to perform unauthorized UPDATE and DELETE SQL commands via unknown vectors. | 7.2 |
2007-02-23 | CVE-2007-1088 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM DB2 Stack-based buffer overflow in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allows local users to execute arbitrary code via a long string in unspecified environment variables. | 7.2 |