Vulnerabilities > Unix > High

DATE CVE VULNERABILITY TITLE RISK
2008-11-05 CVE-2008-4815 Permissions, Privileges, and Access Controls vulnerability in Adobe Acrobat and Acrobat Reader
Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.2 and earlier on Unix and Linux allows attackers to gain privileges via a Trojan Horse program in an unspecified directory that is associated with an insecure RPATH.
network
low complexity
unix adobe CWE-264
7.5
2007-11-20 CVE-2007-6052 Privilege Escalation vulnerability in IBM DB2
IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow attackers to cause a denial of service (divide-by-zero error and DBMS crash), related to an "overflow." NOTE: the vendor description of this issue is too vague to be certain that it is security-related.
network
low complexity
linux microsoft unix ibm
7.8
2007-11-20 CVE-2007-6050 Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database
Unspecified vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, related to creation of an "insecure directory."
local
low complexity
linux microsoft unix ibm CWE-264
7.2
2007-11-20 CVE-2007-6049 Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database
Unspecified vulnerability in the SSL LOAD GSKIT action in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, involving a call to dlopen when the effective uid is root.
local
low complexity
linux unix ibm CWE-264
7.2
2007-11-20 CVE-2007-6046 Privilege Escalation vulnerability in IBM DB2
Unspecified vulnerability in unspecified setuid programs in IBM DB2 UDB 9.1 before Fixpak 4 allows local users to have an unknown impact.
local
low complexity
linux microsoft unix ibm
7.2
2007-06-06 CVE-2007-3073 Directory Traversal vulnerability in Firefox
Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and earlier on Mac OS X and Unix allows remote attackers to read arbitrary files via ..%2F (dot dot encoded slash) sequences in a resource:// URI.
network
low complexity
apple unix mozilla
7.8