Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-11-23 | CVE-2004-0263 | PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information. | 5.0 |
| 2004-09-28 | CVE-2003-1049 | Unspecified vulnerability in IBM DB2 Universal Database 7.0/8.0 IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files. | 4.6 |
| 2004-09-04 | CVE-2004-1663 | Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches, allow remote attackers to cause a denial of service (freeze and possible data corruption) via crafted TCP packets. | 5.0 |
| 2004-08-06 | CVE-2004-0684 | Denial-Of-Service vulnerability in IBM products WebSphere Edge Component Caching Proxy in WebSphere Edge Server 5.02, with the JunctionRewrite directive enabled, allows remote attackers to cause a denial of service via an HTTP GET request without any parameters. | 5.0 |
| 2004-08-06 | CVE-2004-0668 | Remote Denial Of Service vulnerability in IBM Lotus Domino Server Web Access Malicious Email View Web Access in Lotus Domino 6.5.1 allows remote attackers to cause a denial of service (server crash) via a large e-mail message, as demonstrated using a large image attachment. | 5.0 |
| 2004-01-21 | CVE-2004-1759 | Resource Management Errors vulnerability in multiple products Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning. | 5.0 |
| 2004-01-20 | CVE-2003-0696 | Unspecified vulnerability in IBM AIX 5.1/5.2 The getipnodebyname() API in AIX 5.1 and 5.2 does not properly close sockets, which allows attackers to cause a denial of service (resource exhaustion). | 5.0 |
| 2003-12-31 | CVE-2003-1527 | BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. | 4.3 |
| 2003-12-31 | CVE-2003-1282 | Information Disclosure vulnerability in IBM Net.Data IBM Net.Data allows remote attackers to obtain sensitive information such as path names, server names and possibly user names and passwords by causing the (1) $(DTW_CURRENT_FILENAME), (2) $(DATABASE), (3) $(LOGIN), (4) $(PASSWORD), and possibly other predefined variables that can be echoed back to the user via a web form. | 5.0 |
| 2003-12-15 | CVE-2003-0914 | ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. | 4.3 |