IBM : Security Vulnerabilities, CVEs, Published In 2005 CVSS score >= 9
Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter.
Max CVSS
9.3
EPSS Score
25.65%
Published
2005-12-31
Updated
2017-07-29
Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remote attackers to execute arbitrary code via a long libname.
Max CVSS
10.0
EPSS Score
25.84%
Published
2005-12-31
Updated
2017-07-29
Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal.
Max CVSS
10.0
EPSS Score
7.41%
Published
2005-12-15
Updated
2018-10-19
Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a (1) ZIP, (2) UUE or (3) TAR archive that contains a .. (dot dot) in the filename, which is not properly handled when generating a preview.
Max CVSS
9.3
EPSS Score
2.87%
Published
2005-12-31
Updated
2018-10-19
Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file with a long filename handled by kvarcve.dll, (3) a TAR archive with a long filename that is extracted to a directory with a long path handled by the TAR reader (tarrdr.dll), (4) an email that contains a long HTTP, FTP, or // link handled by the HTML speed reader (htmsr.dll) or (5) an email containing a crafted long link handled by the HTML speed reader (htmsr.dll).
Max CVSS
9.3
EPSS Score
94.99%
Published
2005-12-31
Updated
2018-10-19
Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges.
Max CVSS
10.0
EPSS Score
0.69%
Published
2005-05-02
Updated
2008-09-05
Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a duplicate of other issues as reported by the vendor.
Max CVSS
10.0
EPSS Score
0.26%
Published
2005-04-27
Updated
2016-10-18
7 vulnerabilities found