IBM : Security Vulnerabilities, CVEs, Published In January 2011

CVE-2011-0679

IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM) and IBM Lotus Quickr for WebSphere Portal, allows remote attackers to obtain sensitive information via a "modified message."
Max CVSS
5.0
EPSS Score
0.54%
Published
2011-01-28
Updated
2017-08-17

CVE-2011-0637

The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a timer is unused before deallocating this timer, which might allow attackers to cause a denial of service (system crash) via unspecified vectors.
Max CVSS
4.9
EPSS Score
0.14%
Published
2011-01-25
Updated
2017-08-17

CVE-2011-0494

Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-AWS-IF0026, 6.1.0 before 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 before 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack vectors. NOTE: this might overlap CVE-2010-4622.
Max CVSS
5.0
EPSS Score
0.55%
Published
2011-01-19
Updated
2017-08-17

CVE-2011-0486

Cross-site scripting (XSS) vulnerability in cognos.cgi in IBM Cognos 8 Business Intelligence (BI) 8.4.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via the pathinfo parameter.
Max CVSS
4.3
EPSS Score
0.27%
Published
2011-01-18
Updated
2018-10-09

CVE-2011-0316

The Administrative Console component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15 does not properly restrict access to console servlets, which allows remote attackers to obtain potentially sensitive status information via a direct request.
Max CVSS
5.0
EPSS Score
0.48%
Published
2011-01-12
Updated
2017-08-17

CVE-2011-0315

Cross-site scripting (XSS) vulnerability in the Servlet Engine / Web Container component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15 allows remote attackers to inject arbitrary web script or HTML via vectors related to the lack of an error page for an application.
Max CVSS
4.3
EPSS Score
0.26%
Published
2011-01-12
Updated
2017-08-17

CVE-2011-0314

Heap-based buffer overflow in IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 allows remote authenticated users to execute arbitrary code or cause a denial of service (queue manager crash) by inserting an invalid message into the queue.
Max CVSS
6.5
EPSS Score
32.94%
Published
2011-01-12
Updated
2017-08-17

CVE-2011-0310

Buffer overflow in IBM WebSphere MQ 7.0 before 7.0.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted header field in a message.
Max CVSS
6.8
EPSS Score
13.54%
Published
2011-01-13
Updated
2017-08-17
8 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close