Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-09-12 | CVE-2007-4833 | Unspecified vulnerability in IBM WebSphere Application Server Edge Component Unspecified vulnerability in the Edge Component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK44789. | 5.0 |
| 2007-09-10 | CVE-2007-4799 | Permissions, Privileges, and Access Controls vulnerability in IBM AIX 5.3 The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not verify privileges when processing a SET call, which allows local users to cause a denial of service (system hang or crash) via unspecified SET operations. | 4.9 |
| 2007-09-10 | CVE-2007-4798 | Permissions, Privileges, and Access Controls vulnerability in IBM AIX 5.2/5.3 Unspecified vulnerability in invscout in Inventory Scout in invscout.rte in IBM AIX 5.2 and 5.3 allows local users to delete system files that have names matching the final substring of a hostname alias, as demonstrated by hostnames ending in "unix". | 6.6 |
| 2007-08-18 | CVE-2007-4423 | Buffer Errors vulnerability in IBM DB2 Universal Database 8.0/9.0/9.1 Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument. | 5.0 |
| 2007-08-18 | CVE-2007-4418 | Multiple Unspecified vulnerability in IBM DB2 Universal Database IBM DB2 UDB 8 before Fixpak 15 does not properly check authorization, which allows remote authenticated users with a certain SELECT privilege to have an unknown impact via unspecified vectors. | 5.5 |
| 2007-08-18 | CVE-2007-4417 | Multiple Unspecified vulnerability in IBM DB2 Universal Database IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not properly revoke privileges on methods, which allows remote authenticated users to execute a method after revocation until the routine auth cache is flushed. network ibm | 6.0 |
| 2007-08-18 | CVE-2007-4276 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM DB2 Universal Database Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer. | 6.9 |
| 2007-08-18 | CVE-2007-4275 | Multiple Unspecified vulnerability in IBM DB2 Universal Database Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain privileges via certain vectors related to (1) DB2 instance or FMP startup on Linux and Solaris; (2) exec of executables while running as root on non-Windows systems, as demonstrated by AIX; and unspecified vectors involving (3) db2licm and (4) db2pd. local ibm | 6.9 |
| 2007-08-18 | CVE-2007-4273 | USE of Externally-Controlled Format String vulnerability in IBM DB2 Universal Database IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE environment variable in db2licd (db2licm). | 4.6 |
| 2007-08-18 | CVE-2007-4270 | Multiple Unspecified vulnerability in IBM DB2 Universal Database Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain root privileges via a symlink attack on certain files. local ibm | 6.9 |