Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-10-10 | CVE-2013-0579 | Permissions, Privileges, and Access Controls vulnerability in IBM Infosphere Optim Data Growth for Oracle E-Business Suite The Optim E-Business Console in IBM Data Growth Solution for Oracle E-business Suite 6.0 through 9.1 allows remote attackers to impersonate arbitrary users by leveraging access to a legitimate user's web browser either (1) before or (2) after authentication. | 4.3 |
| 2013-10-10 | CVE-2013-0577 | Permissions, Privileges, and Access Controls vulnerability in IBM Infosphere Optim Data Growth for Oracle E-Business Suite The Optim E-Business Console in IBM Data Growth Solution for Oracle E-business Suite 6.0 through 9.1 allows remote authenticated users to bypass intended access restrictions and create, modify, or delete documents or scripts via unspecified vectors. | 5.2 |
| 2013-10-04 | CVE-2013-5419 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX 6.1/7.1 Multiple buffer overflows in (1) mkque and (2) mkquedev in bos.rte.printers in IBM AIX 6.1 and 7.1 allow local users to gain privileges by leveraging printq group membership. | 6.9 |
| 2013-10-02 | CVE-2013-4067 | Permissions, Privileges, and Access Controls vulnerability in IBM Infosphere Information Server IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and 9.1 allows remote attackers to hijack sessions and read cookie values, or conduct phishing attacks to capture credentials, via unspecified vectors. | 5.8 |
| 2013-10-02 | CVE-2013-4066 | Improper Input Validation vulnerability in IBM Infosphere Information Server IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and 9.1 allows remote attackers to conduct clickjacking attacks by creating an overlay interface on top of the Web Console interface. | 4.3 |
| 2013-10-02 | CVE-2013-4032 | Improper Input Validation vulnerability in IBM DB2 10.1/10.5 The Fast Communications Manager (FCM) in IBM DB2 Enterprise Server Edition and Advanced Enterprise Server Edition 10.1 before FP3 and 10.5, when a multi-node configuration is used, allows remote attackers to cause a denial of service via vectors involving arbitrary data. | 5.0 |
| 2013-10-01 | CVE-2013-5383 | Permissions, Privileges, and Access Controls vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to gain privileges via unspecified vectors, a different vulnerability than CVE-2013-5382. | 4.0 |
| 2013-10-01 | CVE-2013-5382 | Unspecified vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to gain privileges via unspecified vectors, a different vulnerability than CVE-2013-5383. | 4.0 |
| 2013-10-01 | CVE-2013-5381 | Unspecified vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.3 allows remote authenticated users to gain privileges via unspecified vectors. | 6.5 |
| 2013-10-01 | CVE-2013-4027 | Permissions, Privileges, and Access Controls vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to bypass intended access restrictions via unspecified vectors. | 6.5 |