CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

IBM : Security Vulnerabilities Published In 2005 (Execute Code)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2005-4870 119 Exec Code Overflow 2005-12-31 2008-09-05
4.3
None Remote Medium Not required None Partial None
Stack-based buffer overflows in the (1) xmlvarcharfromfile, (2) xmlclobfromfile, (3) xmlfilefromvarchar, and (4) xmlfilefromclob function calls in IBM DB2 8.1 allow remote attackers to execute arbitrary code via a 94-byte second argument, which causes the return address to be overwritten with a pointer to the argument.
2 CVE-2005-4867 119 Exec Code Overflow 2005-12-31 2008-09-05
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter.
3 CVE-2005-4865 119 Exec Code Overflow 2005-12-31 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remote attackers to execute arbitrary code via a long libname.
4 CVE-2005-4864 119 Exec Code Overflow 2005-12-31 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable.
5 CVE-2005-4863 119 Exec Code Overflow 2005-12-31 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long parameter.
6 CVE-2005-4272 Exec Code Overflow 2005-12-15 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal.
7 CVE-2005-4271 Exec Code Overflow 2005-12-15 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in the malloc debug system in IBM AIX 5.3 allows local users to execute arbitrary code.
8 CVE-2005-3504 Exec Code Overflow 2005-11-05 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in swcons in IBM AIX 5.2, when debug malloc is enabled, allows remote attackers to cause a core dump and possibly execute arbitrary code.
9 CVE-2005-3396 Exec Code Overflow 2005-11-01 2009-03-04
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the chcons (chcon) command in IBM AIX 5.2 and 5.3, when DEBUG MALLOC is enabled, might allow attackers to execute arbitrary code via a long command line argument.
10 CVE-2005-3060 Exec Code Overflow 2005-09-30 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to execute arbitrary code via unknown vectors.
11 CVE-2005-2618 119 Exec Code Overflow 2005-12-31 2011-09-06
9.3
Admin Remote Medium Not required Complete Complete Complete
Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file with a long filename handled by kvarcve.dll, (3) a TAR archive with a long filename that is extracted to a directory with a long path handled by the TAR reader (tarrdr.dll), (4) an email that contains a long HTTP, FTP, or // link handled by the HTML speed reader (htmsr.dll) or (5) an email containing a crafted long link handled by the HTML speed reader (htmsr.dll).
12 CVE-2005-2237 Exec Code 2005-07-12 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Format string vulnerability in the swcons command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via long command line arguments.
13 CVE-2005-2236 Exec Code 2005-07-12 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments.
14 CVE-2005-2235 Exec Code Overflow 2005-07-12 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.
15 CVE-2005-2234 Exec Code Overflow 2005-07-12 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in the getlvname command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.
16 CVE-2005-2233 Exec Code Overflow 2005-07-12 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments to (1) penable or other hard-linked files including (2) pdisable, (3) pstart, (4) phold, (5) pdelay, or (6) pshare.
17 CVE-2005-2232 Exec Code Overflow 2005-07-12 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow local users to execute arbitrary code via a long command line argument.
18 CVE-2005-1872 Exec Code Overflow 2005-06-03 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the administrative console in IBM WebSphere Application Server 5.x, when the global security option is enabled, allows remote attackers to execute arbitrary code.
19 CVE-2005-1442 DoS Exec Code Overflow 2005-05-03 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in the Lotus Notes client for Domino 6.5 before 6.5.4 and 6.0 before 6.0.5 allows local users to cause a denial of service (client crash) and possibly execute arbitrary code via the NOTES.INI file.
20 CVE-2005-1101 DoS Exec Code Overflow 2005-05-02 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Multiple buffer overflows in Lotus Domino Server 6.0.5 and 6.5.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via large amounts of data in certain (1) time or (2) date fields.
21 CVE-2005-0868 Exec Code 2005-05-02 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allows malicious AS/400 servers to execute arbitrary commands via a STRPCO (Start PC Organizer) command followed by STRPCCMD (Start PC command), as demonstrated by creating a backdoor account using REXEC.
22 CVE-2005-0263 Exec Code Overflow 2005-05-02 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument.
23 CVE-2005-0262 Exec Code Overflow 2005-05-02 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -d argument.
24 CVE-2005-0250 Exec Code 2005-05-02 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Format string vulnerability in auditselect on IBM AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via format string specifiers in a command line argument.
25 CVE-2005-0240 Exec Code 2005-05-02 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Format string vulnerability in chdev on IBM AIX 5.2 allows local users to execute arbitrary code via format string specifiers in a command line argument, which is not properly handled when printing an error message.
26 CVE-2005-0156 Exec Code Overflow 2005-02-07 2013-10-23
2.1
None Local Low Not required None Partial None
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
Total number of vulnerabilities : 26   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.