IBM : Security Vulnerabilities, CVEs, Published In 2004 (Overflow)
Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.xC1 and 9.40.xC2 allows local users to execute arbitrary code via a long GL_PATH environment variable.
Max CVSS
4.6
EPSS Score
0.04%
Published
2004-12-31
Updated
2017-07-11
Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-12-31
Updated
2017-07-11
Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before 6.0.5 allows remote attackers to cause a denial of service (crash) via unknown vectors related to Java applets, as identified by KSPR62F4KN.
Max CVSS
5.0
EPSS Score
7.55%
Published
2004-12-31
Updated
2008-09-05
Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-01-27
Updated
2017-07-11
Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-12-31
Updated
2017-07-11
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
Max CVSS
6.4
EPSS Score
96.23%
Published
2004-08-06
Updated
2021-06-06
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
Max CVSS
10.0
EPSS Score
1.23%
Published
2004-08-06
Updated
2021-06-06
Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet.
Max CVSS
10.0
EPSS Score
85.17%
Published
2004-05-04
Updated
2017-10-11
Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-09-28
Updated
2008-09-05
9 vulnerabilities found