Filtered by vendor Ibm Subscriptions
Total 7292 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2004-0545 1 Ibm 1 Aix 2024-11-20 N/A
LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary files via a symlink attack.
CVE-2004-0544 1 Ibm 1 Aix 2024-11-20 N/A
Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) getlvcb commands.
CVE-2004-0493 6 Apache, Avaya, Gentoo and 3 more 9 Http Server, Converged Communications Server, S8300 and 6 more 2024-11-20 N/A
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
CVE-2004-0492 6 Apache, Hp, Ibm and 3 more 8 Http Server, Virtualvault, Vvos and 5 more 2024-11-20 N/A
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
CVE-2004-0480 1 Ibm 1 Lotus Notes 2024-11-20 N/A
Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe.
CVE-2004-0368 3 Ibm, Open Group, Xi Graphics 3 Aix, Cde Common Desktop Environment, Dextop 2024-11-20 N/A
Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet.
CVE-2004-0263 2 Apache, Ibm 2 Http Server, Http Server 2024-11-20 N/A
PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information.
CVE-2004-0253 1 Ibm 1 Cloudscape 2024-11-20 N/A
IBM Cloudscape 5.1 running jdk 1.4.2_03 allows remote attackers to execute arbitrary programs or cause a denial of service via certain SQL code, possibly due to a SQL injection vulnerability.
CVE-2004-0243 1 Ibm 1 Aix 2024-11-20 N/A
AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the password is correct, which allows remote attackers to guess the password via brute force methods.
CVE-2004-0029 1 Ibm 1 Lotus Domino 2024-11-20 N/A
Lotus Notes Domino 6.0.2 on Linux installs the notes.ini configuration file with world-writable permissions, which allows local users to modify the Notes configuration and gain privileges.
CVE-2003-5003 1 Ibm 1 Iss Blackice Pc Protection 2024-11-20 5 Medium
A vulnerability was found in ISS BlackICE PC Protection. It has been rated as problematic. Affected by this issue is the Update Handler. The manipulation with an unknown input leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
CVE-2003-5002 1 Ibm 1 Iss Blackice Pc Protection 2024-11-20 3.7 Low
A vulnerability was found in ISS BlackICE PC Protection. It has been declared as problematic. Affected by this vulnerability is the component Update Handler which allows cleartext transmission of data. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
CVE-2003-5001 1 Ibm 1 Iss Blackice Pc Protection 2024-11-20 5.3 Medium
A vulnerability was found in ISS BlackICE PC Protection and classified as critical. Affected by this issue is the component Cross Site Scripting Detection. The manipulation as part of POST/PUT/DELETE/OPTIONS Request leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
CVE-2003-1570 1 Ibm 1 Tivoli Storage Manager 2024-11-20 N/A
The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before 5.2.1.2, and 6.x before 6.1 does not require credentials to observe the server console in some circumstances, which allows remote authenticated administrators to monitor server operations by establishing a console mode session, related to "session exposure."
CVE-2003-1527 2 Ibm, Iss 2 Internet Security Systems Blackice Defender, Blackice Server Protection 2024-11-20 N/A
BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.
CVE-2003-1447 1 Ibm 1 Websphere Application Server 2024-11-20 N/A
IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption algorithm (XOR and base64 encoding), which allows local users to decrypt passwords when the configuration file is exported to XML.
CVE-2003-1437 6 Bea, Hp, Ibm and 3 more 8 Weblogic Server, Hp-ux, Aix and 5 more 2024-11-20 N/A
BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access.
CVE-2003-1361 2 Ibm, Veritas 2 Tivoli Storage Manager, Bare Metal Restore 2024-11-20 N/A
Unknown vulnerability in VERITAS Bare Metal Restore (BMR) of Tivoli Storage Manager (TSM) 3.1.0 through 3.2.1 allows remote attackers to gain root privileges on the BMR Main Server.
CVE-2003-1282 1 Ibm 1 Net.data 2024-11-20 N/A
IBM Net.Data allows remote attackers to obtain sensitive information such as path names, server names and possibly user names and passwords by causing the (1) $(DTW_CURRENT_FILENAME), (2) $(DATABASE), (3) $(LOGIN), (4) $(PASSWORD), and possibly other predefined variables that can be echoed back to the user via a web form.
CVE-2003-1104 1 Ibm 1 Tivoli Firewall Toolbox 2024-11-20 N/A
Buffer overflow in IBM Tivoli Firewall Toolbox (TFST) 1.2 allows remote attackers to execute arbitrary code via unknown vectors.