Filtered by vendor Ibm
Subscriptions
Total
7292 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2005-0250 | 1 Ibm | 1 Aix | 2024-11-20 | N/A |
Format string vulnerability in auditselect on IBM AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via format string specifiers in a command line argument. | ||||
CVE-2005-0240 | 1 Ibm | 1 Aix | 2024-11-20 | N/A |
Format string vulnerability in chdev on IBM AIX 5.2 allows local users to execute arbitrary code via format string specifiers in a command line argument, which is not properly handled when printing an error message. | ||||
CVE-2005-0156 | 7 Ibm, Larry Wall, Redhat and 4 more | 9 Aix, Perl, Enterprise Linux and 6 more | 2024-11-20 | N/A |
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree. | ||||
CVE-2004-2762 | 1 Ibm | 2 Mvs, Tivoli Storage Manager | 2024-11-20 | N/A |
The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1. | ||||
CVE-2004-2697 | 1 Ibm | 1 Aix | 2024-11-20 | N/A |
The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002. | ||||
CVE-2004-2667 | 1 Ibm | 1 Lotus Domino | 2024-11-20 | N/A |
Cross-site scripting (XSS) vulnerability in Lotus Domino 6.0.x before 6.0.4 and 6.5.x before 6.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | ||||
CVE-2004-2663 | 1 Ibm | 1 Egatherer | 2024-11-20 | N/A |
The (1) SetDebugging and (2) RunEgatherer methods in IBM Access Support eGatherer ActiveX control 2.0.0.16 allow remote attackers to create files with arbitrary content, as demonstrated by creating a .hta file in a Startup folder. | ||||
CVE-2004-2634 | 1 Ibm | 1 Aix | 2024-11-20 | N/A |
The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors. | ||||
CVE-2004-2558 | 1 Ibm | 6 Tivoli Access Manager For E-business, Tivoli Access Manager Identity Manager Solution, Tivoli Configuration Manager and 3 more | 2024-11-20 | N/A |
Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka "Potential Credential Impersonation Attack." | ||||
CVE-2004-2526 | 1 Ibm | 1 Tivoli Directory Server | 2024-11-20 | N/A |
Directory traversal vulnerability in ldacgi.exe in IBM Tivoli Directory Server 4.1 and earlier allows remote attackers to view arbitrary files via a .. (dot dot) in the Template parameter. | ||||
CVE-2004-2490 | 1 Ibm | 2 Informix Dynamic Server, Informix Extended Parallel Server | 2024-11-20 | N/A |
Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.xC1 and 9.40.xC2 allows local users to execute arbitrary code via a long GL_PATH environment variable. | ||||
CVE-2004-2489 | 1 Ibm | 1 Informix Dynamic Server | 2024-11-20 | N/A |
Format string vulnerability in IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to execute arbitrary code via a modified INFORMIXDIR environment variable that points to a file with format string specifiers in the filename. | ||||
CVE-2004-2478 | 3 Ca, Ibm, Jetty | 3 Unicenter Web Services Distributed Management, Trading Partner Interchange, Jetty Http Server | 2024-11-20 | N/A |
Unspecified vulnerability in Jetty HTTP Server, as used in (1) IBM Trading Partner Interchange before 4.2.4, (2) CA Unicenter Web Services Distributed Management (WSDM) before 3.11, and possibly other products, allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | ||||
CVE-2004-2388 | 1 Ibm | 1 Aix | 2024-11-20 | N/A |
rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user. | ||||
CVE-2004-2369 | 1 Ibm | 1 Lotus Domino | 2024-11-20 | N/A |
Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 6.5.1 allows attackers to create and detect directories via a .. (dot dot) in the directory creation command. | ||||
CVE-2004-2319 | 1 Ibm | 2 Informix Dynamic Server, Informix Extended Parallel Server | 2024-11-20 | N/A |
IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to (1) create or overwrite files via the /001 log file to onedcu or (2) read arbitrary files via a symlink attack on a file in /tmp to onshowaudit. | ||||
CVE-2004-2312 | 1 Ibm | 1 Aix | 2024-11-20 | N/A |
Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument. | ||||
CVE-2004-2311 | 1 Ibm | 1 Lotus Domino | 2024-11-20 | N/A |
Directory traversal vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows local users to create folders or determine the existence of files via a .. (dot dot) in the new folder dialog. | ||||
CVE-2004-2310 | 1 Ibm | 1 Lotus Domino | 2024-11-20 | N/A |
Cross-site scripting (XSS) vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows remote attackers to inject arbitrary web script or HTML via a Domino command in the Quick Console. | ||||
CVE-2004-2281 | 1 Ibm | 1 Lotus Notes | 2024-11-20 | N/A |
Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 and 6.0.x before 6.0.5 have unknown impact and attack vectors, related to Java applets, as identified by (1) KSPR5YS6GR and (2) KSPR62F4D3. |