IBM: Security Vulnerabilities, CVEs, Published in 2007 (Denial of service)
Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files.
Max CVSS: 7.8 | EPSS Score: 1.68% | Published: 2007-06-06 | Updated: 2017-07-29
Buffer overflow in the CRAM-MD5 authentication mechanism in the IMAP server (nimap.exe) in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service via a long username.
Max CVSS: 10.0 | EPSS Score: 92.68% | Published: 2007-03-28 | Updated: 2017-07-29
Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service (crash) via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation.
Max CVSS: 7.8 | EPSS Score: 23.14% | Published: 2007-03-28 | Updated: 2017-07-29
Buffer overflow in the drmgr command in IBM AIX 5.2 and 5.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long path name.
Max CVSS: 7.2 | EPSS Score: 0.04% | Published: 2007-04-02 | Updated: 2017-10-11
CVE-2007-1868 (public exploit)
The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 does not properly handle multipart/form-data in HTTP POST requests, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via crafted POST requests to port 8080/tcp or 443/tcp.
Max CVSS: 10.0 | EPSS Score: 84.31% | Published: 2007-04-04 | Updated: 2017-07-29
The Java Message Service (JMS) in IBM WebSphere Application Server (WAS) before 6.1.0.7 allows attackers to cause a denial of service via unknown vectors involving the "double release [of] a bytebuffer input stream," possibly a double free vulnerability.
Max CVSS: 5.0 | EPSS Score: 0.50% | Published: 2007-04-11 | Updated: 2011-03-07
Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and earlier allow remote attackers to (1) execute arbitrary code via a crafted packet to the DB2JDS service on tcp/6789; and cause a denial of service via (2) an invalid LANG parameter or (3) a long packet that generates a "MemTree overflow."
Max CVSS: 10.0 | EPSS Score: 24.14% | Published: 2007-05-10 | Updated: 2018-10-16
Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier allows remote attackers to cause a denial of service related to a thread hang, and possibly related to a "TCP issue," or to MPAlarmThread and a resultant memory leak.
Max CVSS: 7.8 | EPSS Score: 3.38% | Published: 2007-06-19 | Updated: 2017-07-29
The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error.
Max CVSS: 7.5 | EPSS Score: 2.58% | Published: 2007-07-18 | Updated: 2024-02-02
rmpvc on IBM AIX 4.3 allows local users to cause a denial of service (system crash) via a long port logical name (-l) argument.
Max CVSS: 4.7 | EPSS Score: 0.04% | Published: 2007-08-08 | Updated: 2017-07-29
Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument.
Max CVSS: 5.0 | EPSS Score: 2.49% | Published: 2007-08-18 | Updated: 2018-10-15
The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not verify privileges when processing a SET call, which allows local users to cause a denial of service (system hang or crash) via unspecified SET operations.
Max CVSS: 4.9 | EPSS Score: 0.04% | Published: 2007-09-10 | Updated: 2011-03-08
CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (CPU consumption, connection slot exhaustion, and daemon crash) via a large number of idle connections.
Max CVSS: 7.8 | EPSS Score: 4.77% | Published: 2007-11-21 | Updated: 2017-07-29
IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.
Max CVSS: 7.8 | EPSS Score: 1.41% | Published: 2007-10-23 | Updated: 2011-05-12
Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.00.TC3TL and 11.10.TB4TL on Windows allows attackers to cause a denial of service (application crash) via unspecified SQ_ONASSIST requests.
Max CVSS: 4.9 | EPSS Score: 0.05% | Published: 2007-11-14 | Updated: 2017-07-29
IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow attackers to cause a denial of service (divide-by-zero error and DBMS crash), related to an "overflow." NOTE: the vendor description of this issue is too vague to be certain that it is security-related.
Max CVSS: 7.8 | EPSS Score: 0.45% | Published: 2007-11-20 | Updated: 2011-03-08
16 vulnerabilities found