Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Aix  >> 5.2  Security Vulnerabilities
CVE-2007-5805
cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create an arbitrary file, and enable world writability of this file, via a symlink attack involving use of the file's name as the argument. NOTE: this issue is due to an incomplete fix for CVE-2007-5804.
CVSS Score
6.9
EPSS Score
0.0
Published
2007-11-05
CVE-2007-4217
Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long parameter to a macro, as demonstrated by executing a macro via the '$' command.
CVSS Score
7.2
EPSS Score
0.001
Published
2007-11-05
CVE-2007-4513
Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the (1) "-p" option to lqueryvg or (2) the "-V" option to lquerypv.
CVSS Score
7.2
EPSS Score
0.002
Published
2007-11-05
CVE-2007-4621
Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments.
CVSS Score
7.2
EPSS Score
0.001
Published
2007-11-05
CVE-2007-4622
Integer underflow in the dns_name_fromtext function in (1) libdns_nonsecure.a and (2) libdns_secure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" (TSIG key) command line argument to dig.
CVSS Score
7.2
EPSS Score
0.001
Published
2007-11-05
CVE-2007-4623
Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via a long parameter to the m command.
CVSS Score
7.2
EPSS Score
0.001
Published
2007-11-05
CVE-2007-4938
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.
CVSS Score
7.6
EPSS Score
0.095
Published
2007-09-18
CVE-2007-4791
Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2005-3504 and CVE-2007-0978.
CVSS Score
7.2
EPSS Score
0.0
Published
2007-09-10
CVE-2007-4793
Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.
CVSS Score
7.2
EPSS Score
0.001
Published
2007-09-10
CVE-2007-4794
Buffer overflow in fcstat in devices.common.IBM.fc.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long input parameter.
CVSS Score
7.2
EPSS Score
0.0
Published
2007-09-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved