IBM : Security Vulnerabilities, CVEs, Published In 2012 (Directory traversal)
Multiple directory traversal vulnerabilities in the vendor daemon in Rational Common Licensing in Telelogic License Server 2.0, Rational License Server 7.x, and ibmratl in IBM Rational License Key Server (RLKS) 8.0 through 8.1.2 allow remote attackers to execute arbitrary code via vectors related to save, rename, and load operations on log files. NOTE: this might overlap CVE-2011-4135.
Max CVSS
10.0
EPSS Score
13.54%
Published
2012-01-19
Updated
2017-08-17
Directory traversal vulnerability in the Eclipse Help component in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack allows remote attackers to discover the locations of files via a crafted URL.
Max CVSS
4.3
EPSS Score
0.29%
Published
2012-06-22
Updated
2017-08-29
Directory traversal vulnerability in the Dojo module in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF14, and 8.0, allows remote attackers to read arbitrary files via a crafted URL.
Max CVSS
5.0
EPSS Score
0.26%
Published
2012-07-03
Updated
2017-08-29
Directory traversal vulnerability in the SQLJ.DB2_INSTALL_JAR stored procedure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to replace JAR files via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.85%
Published
2012-07-25
Updated
2017-12-22
Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the template parameter.
Max CVSS
3.5
EPSS Score
0.33%
Published
2012-07-27
Updated
2017-12-22
Directory traversal vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to overwrite arbitrary files via a crafted application file.
Max CVSS
6.4
EPSS Score
0.40%
Published
2012-09-25
Updated
2017-08-29
Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file field.
Max CVSS
9.0
EPSS Score
0.22%
Published
2012-09-25
Updated
2017-08-29
Directory traversal vulnerability in LayerLoader.jsp in the theme component in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF19 and 8.0 before CF03 allows remote attackers to read arbitrary files via a crafted URI.
Max CVSS
5.0
EPSS Score
0.27%
Published
2012-11-30
Updated
2018-12-04
8 vulnerabilities found