The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
CVSS Score
7.5
EPSS Score
0.009
Published
2003-03-03
Buffer overflow in lscfg of unknown versions of AIX has unknown impact.
CVSS Score
10.0
EPSS Score
0.005
Published
2002-12-31
Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable.
CVSS Score
2.1
EPSS Score
0.001
Published
2002-12-31
IBM AIX 4.3.3 and AIX 5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a flood of malformed TCP packets without any flags set, which prevents AIX from releasing the associated memory buffers.
CVSS Score
5.0
EPSS Score
0.013
Published
2002-10-28
Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames.
CVSS Score
5.0
EPSS Score
0.005
Published
2002-10-04
Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames.
CVSS Score
5.0
EPSS Score
0.006
Published
2002-10-04
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
CVSS Score
10.0
EPSS Score
0.709
Published
2002-09-05
Buffer overflow in pioout on AIX 4.3.3.
CVSS Score
10.0
EPSS Score
0.006
Published
2002-08-12
mail and mailx in AIX 4.3.3 core dump when called with a very long argument, an indication of a buffer overflow.
CVSS Score
10.0
EPSS Score
0.006
Published
2002-08-12
namerslv in AIX 4.3.3 core dumps when called with a very long argument, possibly as a result of a buffer overflow.
CVSS Score
10.0
EPSS Score
0.006
Published
2002-08-12