Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909.
Max CVSS
8.8
EPSS Score
7.99%
Published
2007-12-28
Updated
2018-10-15
Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 7 R3.2.0 allow attackers to gain privileges via "some HMC commands."
Max CVSS
4.6
EPSS Score
0.05%
Published
2007-12-10
Updated
2011-03-08
Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file.
Max CVSS
9.3
EPSS Score
4.20%
Published
2007-11-10
Updated
2011-03-08
Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910.
Max CVSS
9.3
EPSS Score
87.94%
Published
2007-11-10
Updated
2018-10-15
IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.
Max CVSS
7.8
EPSS Score
1.41%
Published
2007-10-23
Updated
2011-05-12
Heap-based buffer overflow in the IBM ThinkVantage TPM Service allows remote attackers to execute arbitrary code via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
Max CVSS
10.0
EPSS Score
0.21%
Published
2007-10-18
Updated
2008-09-05

CVE-2007-4880

Public exploit
Buffer overflow in the Client Acceptor Daemon (CAD), dsmcad.exe, in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5.1.8.1, 5.2 before 5.2.5.2, 5.3 before 5.3.5.3, and 5.4 before 5.4.1.2 allows remote attackers to execute arbitrary code via crafted HTTP headers, aka IC52905.
Max CVSS
10.0
EPSS Score
96.73%
Published
2007-09-28
Updated
2017-07-29
Multiple buffer overflows in unspecified svprint (System V print) commands in bos.svprint.rte in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-09-10
Updated
2011-03-08
Buffer overflow in uucp in bos.net.uucp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-09-10
Updated
2011-03-08
Buffer overflow in mkpath in bos.rte.methods in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long ODM name.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-09-10
Updated
2011-03-08
Buffer overflow in fcstat in devices.common.IBM.fc.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long input parameter.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-09-10
Updated
2017-07-29
Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-09-10
Updated
2011-03-08
Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-09-10
Updated
2017-07-29
Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2005-3504 and CVE-2007-0978.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-09-10
Updated
2012-11-06
Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via a long parameter to the m command.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-11-05
Updated
2017-09-29
Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-11-05
Updated
2017-07-29
Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the (1) "-p" option to lqueryvg or (2) the "-V" option to lquerypv.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-11-05
Updated
2017-09-29

CVE-2007-4474

Public exploit
Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1.
Max CVSS
9.3
EPSS Score
97.17%
Published
2007-12-27
Updated
2017-09-29
Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument.
Max CVSS
5.0
EPSS Score
1.83%
Published
2007-08-18
Updated
2018-10-15
Buffer overflow in the at program on IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-08-15
Updated
2017-07-29
Buffer overflow in fileplace in bos.perf.tools in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-08-15
Updated
2017-07-29
Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer.
Max CVSS
6.9
EPSS Score
0.14%
Published
2007-08-18
Updated
2017-07-29
IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE environment variable in db2licd (db2licm).
Max CVSS
4.6
EPSS Score
0.04%
Published
2007-08-18
Updated
2017-07-29
Buffer overflow in the atm subset in arp in devices.common.IBM.atm.rte in AIX 5.2 and 5.3 allows local users to gain root privileges.
Max CVSS
6.9
EPSS Score
0.04%
Published
2007-08-08
Updated
2011-03-08
Buffer overflow in lpd in bos.rte.printers in AIX 5.2 and 5.3 allows local users with printq group privileges to gain root privileges.
Max CVSS
6.9
EPSS Score
0.04%
Published
2007-08-08
Updated
2011-03-08
41 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!