| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| (1) acledit and (2) aclput in AIX 4.3 allow local users to create or modify files via a symlink attack. |
| sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication. |
| Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag. |
| netstation.navio-com.rte 1.1.0.1 configuration script for Navio NC on IBM AIX exports /tmp over NFS as world-readable and world-writable. |
| dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges. |
| Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow attackers to cause a core dump and possibly execute arbitrary code via "long input strings." |
| Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors. |
| AIX cdmount allows local users to gain root privileges via shell metacharacters. |
| The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the configuration capability in the frcactrl program. |
| Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument. |
| Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems. |
| Buffer overflow in lsmcode in AIX 4.3.3. |
| IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. |
| IBM WebSphere allows remote attackers to read source code for executable web files by directly calling the default InvokerServlet using a URL which contains the "/servlet/file" string. |
| Buffer overflow in IBM Net.Data db2www CGI program allows remote attackers to execute arbitrary commands via a long PATH_INFO environmental variable. |
| Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 5.3 allows local users to execute arbitrary commands when mklvcopy calls external commands, possibly due to an untrusted search path vulnerability. |
| Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Host: request header. |
| A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email. |
| The web administration interface for IBM AS/400 Firewall allows remote attackers to cause a denial of service via an empty GET request. |
| document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program. |
