Vulnerabilities > IBM > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-08-18 | CVE-2007-4272 | Multiple Unspecified vulnerability in IBM DB2 Universal Database Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via (1) unspecified vectors where an attacker's umask is honored, (2) /etc/ld.so.preload, (3) certain "cron data file locations", and other unspecified vectors possibly involving the (4) OSSEMEMDBG or (5) TRC_LOG_FILE environment variable in db2licd (db2licm). local ibm | 1.9 |
2007-08-13 | CVE-2007-4309 | Remote Security vulnerability in Lotus Notes IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696. network ibm | 3.5 |
2007-07-17 | CVE-2007-3830 | Cross-Site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in alert.php in ISS Proventia Network IPS GX5108 1.3 and GX5008 1.5 allows remote attackers to inject arbitrary web script or HTML via the reminder parameter. network ibm | 3.5 |
2006-12-18 | CVE-2006-6607 | Local Information Disclosure vulnerability in IBM Tivoli Identity Manager 4.6 The Java Key Store (JKS) for WebSphere Application Server (WAS) for IBM Tivoli Identity Manager (ITIM) 4.6 places the JKS password in a -Djavax.net.ssl.trustStorePassword command line argument, which allows local users to obtain the password by listing the process or using other methods. low complexity ibm | 2.7 |
2006-10-05 | CVE-2006-5163 | Unspecified vulnerability in IBM Informix Dynamic Server 10.Ucrc1 IBM Informix Dynamic Server 10.UC3RC1 Trial for Linux and possibly other versions creates /tmp/installserver.txt with insecure permissions, which allows local users to append data to arbitrary files via a symlink attack. | 3.6 |
2006-09-27 | CVE-2006-5004 | Local Arbitrary File Overwrite vulnerability in IBM AIX 5.2.0/5.3.0 Unspecified vulnerability in the rdist command in IBM AIX 5.2.0 and 5.3.0 allows local users to overwrite arbitrary files via unspecified vectors. | 2.1 |
2006-08-08 | CVE-2006-3856 | Denial-Of-Service vulnerability in Informix IDS IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows local users to cause a denial of service (crash) via unspecified vectors. | 2.1 |
2006-08-08 | CVE-2006-3858 | Multiple vulnerability in IBM Informix Dynamic Server IBM Informix Dynamic Server (IDS) before 9.40.xC8 and 10.00 before 10.00.xC4 stores passwords in plaintext in shared memory, which allows local users to obtain passwords by reading the memory (product defects 171893, 171894, 173772). | 2.1 |
2006-04-19 | CVE-2006-1247 | Link Following vulnerability in IBM AIX rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | 3.3 |
2006-01-09 | CVE-2006-0133 | Unspecified vulnerability in IBM AIX 5.3Ml03 Multiple directory traversal vulnerabilities in AIX 5.3 ML03 allow local users to determine the existence of files and read partial contents of certain files via a .. | 3.6 |