Vulnerabilities > IBM > High
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2006-08-21 | CVE-2006-4254 | Local Privilege Escalation vulnerability in IBM AIX 5.1/5.2/5.3 | Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 allows local users to gain privileges via unspecified vectors. | 7.5 |
2006-08-17 | CVE-2006-3860 | Multiple vulnerability in IBM Informix Dynamic Server | IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows remote authenticated users to execute arbitrary commands via the (1) "SET DEBUG FILE" SQL command, and the (2) start_onpload and (3) dbexp functions. | 7.5 |
2006-08-17 | CVE-2006-3854 | Unspecified vulnerability in IBM Informix Dynamic Database Server | Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC7, 9.40.TC8, 10.00.TC4, and 10.00.TC5, when running on Windows, allows remote attackers to execute arbitrary code via a long username, which causes an overflow in vsprintf when displaying in the resulting error message. | 7.5 |
2006-08-14 | CVE-2006-4136 | Permissions, Privileges, and Access Controls vulnerability in IBM Websphere Application Server | Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6.1.0.1 have unspecified impact and attack vectors involving (1) "SOAP requests and responses", (2) mbean, (3) ThreadIdentitySupport, and possibly others. | 7.5 |
2006-08-08 | CVE-2006-3862 | Multiple vulnerability in IBM Informix Dynamic Server | Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable (envariable). | 7.5 |
2006-05-30 | CVE-2006-2647 | Local Privilege Escalation vulnerability in IBM AIX 5.1/5.2/5.3 | Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands. | 7.2 |
2006-05-17 | CVE-2006-2436 | Remote Security vulnerability in IBM Websphere Application Server 5.0.0/5.0.1/5.0.2 | WebSphere Application Server 5.0.2 (or any earlier cumulative fix) stores admin and LDAP passwords in plaintext in the FFDC logs when a login to WebSphere fails, which allows attackers to gain privileges. | 7.5 |
2006-05-17 | CVE-2006-2432 | Remote Security vulnerability in Websphere Application Server | IBM WebSphere Application Server 5.0.2 (or any earlier cumulative fix) and 5.1.1 (or any earlier cumulative fix) allows EJB access on Solaris systems via a crafted LTPA token. | 7.5 |
2006-05-12 | CVE-2006-2342 | Unspecified vulnerability in IBM Websphere Application Server 6.0.2 | IBM WebSphere Application Server 6.0.2 before FixPack 3 allows remote attackers to bypass authentication for the Welcome Page via a request to the default context root. | 7.5 |
2006-03-17 | CVE-2006-1246 | Local Privilege Escalation vulnerability in IBM AIX 5.3 | Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 5.3 allows local users to execute arbitrary commands when mklvcopy calls external commands, possibly due to an untrusted search path vulnerability. | 7.2 |