Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:ibm:aix:5.3:sp6:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2007-4799 |
The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not verify privileges when processing a SET call, which allows local users to cause a denial of service (system hang or crash) via unspecified SET operations. Published: September 10, 2007; 5:17:00 PM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2007-4353 |
Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in the system group to gain root privileges via unspecified vectors involving the (1) chpath, (2) rmpath, and (3) devinstall programs in bos.rte.methods. Published: August 14, 2007; 8:17:00 PM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2007-4354 |
Buffer overflow in fileplace in bos.perf.tools in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. Published: August 14, 2007; 8:17:00 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2007-4355 |
Buffer overflow in the at program on IBM AIX 5.3 allows local users to gain privileges via unspecified vectors. Published: August 14, 2007; 8:17:00 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2007-4236 |
Buffer overflow in lpd in bos.rte.printers in AIX 5.2 and 5.3 allows local users with printq group privileges to gain root privileges. Published: August 08, 2007; 6:17:00 PM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2007-4237 |
Buffer overflow in the atm subset in arp in devices.common.IBM.atm.rte in AIX 5.2 and 5.3 allows local users to gain root privileges. Published: August 08, 2007; 6:17:00 PM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2007-4238 |
AIX 5.2 and 5.3 install pioinit with user and group ownership of bin, which allows local users with bin or possibly printq privileges to gain root privileges by modifying pioinit. Published: August 08, 2007; 6:17:00 PM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2007-3333 |
Stack-based buffer overflow in capture in IBM AIX 5.3 SP6 and 5.2.0 allows remote attackers to execute arbitrary code via a large number of terminal control sequences. Published: July 26, 2007; 6:30:00 PM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2007-4003 |
pioout in IBM AIX 5.3 SP6 allows local users to execute arbitrary code by specifying a malicious library with the -R (ParseRoutine) command line argument. Published: July 26, 2007; 6:30:00 PM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2007-4004 |
Buffer overflow in the ftp client in IBM AIX 5.3 SP6 and 5.2.0 allows local users to execute arbitrary code via unspecified vectors that trigger the overflow in a gets function call. NOTE: the client is setuid root on AIX, so this issue crosses privilege boundaries. Published: July 26, 2007; 6:30:00 PM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2007-3794 |
Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application. Published: July 15, 2007; 7:30:00 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2007-3626 |
Unspecified vulnerability in the ADM daemon in Hitachi TPBroker before 20070706 allows remote attackers to cause a denial of service (daemon crash) via a certain request. Published: July 09, 2007; 12:30:00 PM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2007-2995 |
Unspecified vulnerability in sysmgt.websm.rte in IBM AIX 5.2.0 and 5.3.0 has unknown impact and attack vectors. Published: June 04, 2007; 1:30:00 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2007-2996 |
Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM AIX 5.2, and 5.8.2.10 through 5.8.2.50 on AIX 5.3, allows local users to gain privileges via unspecified vectors related to the installation and "waiting for a legitimate user to execute a binary that ships with Perl." Published: June 04, 2007; 1:30:00 PM -0400 |
V3.x:(not available) V2.0: 6.6 MEDIUM |
CVE-2007-2191 |
Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by admin/modules/logfiles/asterisk-full-log.php. Published: April 24, 2007; 1:19:00 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2007-1945 |
Unspecified vulnerability in the Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) before 6.1.0.7 has unknown impact and attack vectors. Published: April 10, 2007; 9:19:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2007-1913 |
The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. Published: April 10, 2007; 7:19:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2007-1915 |
Buffer overflow in the RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. Published: April 10, 2007; 7:19:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2007-1916 |
Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. Published: April 10, 2007; 7:19:00 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2007-1917 |
Buffer overflow in the SYSTEM_CREATE_INSTANCE function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. Published: April 10, 2007; 7:19:00 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |