Vulnerabilities > IBM > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-08-15 | CVE-2007-4353 | Buffer Overflow vulnerability in IBM AIX Configuration Commands Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in the system group to gain root privileges via unspecified vectors involving the (1) chpath, (2) rmpath, and (3) devinstall programs in bos.rte.methods. local ibm | 6.9 |
2007-08-08 | CVE-2007-4238 | Local Security vulnerability in AIX 5.2/5.3 AIX 5.2 and 5.3 install pioinit with user and group ownership of bin, which allows local users with bin or possibly printq privileges to gain root privileges by modifying pioinit. local ibm | 6.9 |
2007-08-08 | CVE-2007-4237 | Local Security vulnerability in AIX 5.2/5.3 Buffer overflow in the atm subset in arp in devices.common.IBM.atm.rte in AIX 5.2 and 5.3 allows local users to gain root privileges. local ibm | 6.9 |
2007-08-08 | CVE-2007-4236 | Local Security vulnerability in AIX 5.2/5.3 Buffer overflow in lpd in bos.rte.printers in AIX 5.2 and 5.3 allows local users with printq group privileges to gain root privileges. local ibm | 6.9 |
2007-08-08 | CVE-2007-4228 | Local Buffer Overflow vulnerability in IBM AIX 4.3 rmpvc on IBM AIX 4.3 allows local users to cause a denial of service (system crash) via long port logical name (-l) argument. local ibm | 4.7 |
2007-08-03 | CVE-2007-4142 | Cross-Site Scripting vulnerability in IBM Lotus Sametime Server Cross-site scripting (XSS) vulnerability in IBM Lotus Sametime Server 7.5.1 before 20070731 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a crafted Sametime meeting. network ibm | 4.3 |
2007-07-26 | CVE-2007-4004 | Buffer Errors vulnerability in IBM AIX 5.2.0/5.3 Buffer overflow in the ftp client in IBM AIX 5.3 SP6 and 5.2.0 allows local users to execute arbitrary code via unspecified vectors that trigger the overflow in a gets function call. | 6.9 |
2007-07-26 | CVE-2007-4003 | Unspecified vulnerability in IBM AIX 5.3 pioout in IBM AIX 5.3 SP6 allows local users to execute arbitrary code by specifying a malicious library with the -R (ParseRoutine) command line argument. local ibm | 6.9 |
2007-07-26 | CVE-2007-3333 | Buffer Errors vulnerability in IBM AIX 5.2.0/5.3 Stack-based buffer overflow in capture in IBM AIX 5.3 SP6 and 5.2.0 allows remote attackers to execute arbitrary code via a large number of terminal control sequences. | 6.9 |
2007-06-26 | CVE-2007-3397 | Information Disclosure vulnerability in IBM WebSphere Application Server Closed Connection The web container in IBM WebSphere Application Server (WAS) before 6.0.2.21, and 6.1.x before 6.1.0.9, sends response data intended for a different request in certain circumstances after a closed connection error, which might allow remote attackers to obtain sensitive information. | 5.0 |