IBM : Security Vulnerabilities, CVEs, Published In 2007 (Denial of service) CVSS score >= 6
IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow attackers to cause a denial of service (divide-by-zero error and DBMS crash), related to an "overflow." NOTE: the vendor description of this issue is too vague to be certain that it is security-related.
Max CVSS
7.8
EPSS Score
0.42%
Published
2007-11-20
Updated
2011-03-08
IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.
Max CVSS
7.8
EPSS Score
1.41%
Published
2007-10-23
Updated
2011-05-12
CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (CPU consumption, connection slot exhaustion, and daemon crash) via a large number of idle connections.
Max CVSS
7.8
EPSS Score
4.77%
Published
2007-11-21
Updated
2017-07-29
The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error.
Max CVSS
7.5
EPSS Score
2.58%
Published
2007-07-18
Updated
2024-02-02
Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier allows remote attackers to cause a denial of service related to a thread hang, and possibly related to a "TCP issue," or to MPAlarmThread and a resultant memory leak.
Max CVSS
7.8
EPSS Score
3.48%
Published
2007-06-19
Updated
2017-07-29
Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and earlier allow remote attackers to (1) execute arbitrary code via a crafted packet to the DB2JDS service on tcp/6789; and cause a denial of service via (2) an invalid LANG parameter or (2) a long packet that generates a "MemTree overflow."
Max CVSS
10.0
EPSS Score
24.14%
Published
2007-05-10
Updated
2018-10-16
CVE-2007-1868
Public exploit
The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 does not properly handle multipart/form-data in HTTP POST requests, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via crafted POST requests to port 8080/tcp or 443/tcp.
Max CVSS
10.0
EPSS Score
81.32%
Published
2007-04-04
Updated
2017-07-29
Buffer overflow in the drmgr command in IBM AIX 5.2 and 5.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long path name.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-04-02
Updated
2017-10-11
Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service (crash) via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation.
Max CVSS
7.8
EPSS Score
23.14%
Published
2007-03-28
Updated
2017-07-29
Buffer overflow in the CRAM-MD5 authentication mechanism in the IMAP server (nimap.exe) in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service via a long username.
Max CVSS
10.0
EPSS Score
92.68%
Published
2007-03-28
Updated
2017-07-29
Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files.
Max CVSS
7.8
EPSS Score
1.68%
Published
2007-06-06
Updated
2017-07-29
11 vulnerabilities found