Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2011-2887

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-27 Jul, 2011 | 20:00
Updated At-06 Aug, 2024 | 23:15
Rejected At-
Credits

IBM Lotus Symphony 3 before FP3 on Linux allows remote attackers to cause a denial of service (application crash) via a certain sample document.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:27 Jul, 2011 | 20:00
Updated At:06 Aug, 2024 | 23:15
Rejected At:
▼CVE Numbering Authority (CNA)

IBM Lotus Symphony 3 before FP3 on Linux allows remote attackers to cause a denial of service (application crash) via a certain sample document.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://exchange.xforce.ibmcloud.com/vulnerabilities/68889
vdb-entry
x_refsource_XF
http://www.securityfocus.com/bid/48936
vdb-entry
x_refsource_BID
http://www.ibm.com/support/docview.wss?uid=swg21505448
x_refsource_CONFIRM
http://www.ibm.com/software/lotus/symphony/buzz.nsf/web_DisPlayPlugin?open&unid=9717F6F587AAA939852578D300404BCF&category=announcements
x_refsource_CONFIRM
https://www-304.ibm.com/jct03001c/software/lotus/symphony/idcontents/releasenotes/en/readme_embedded_in_fixpack3_long.htm
x_refsource_CONFIRM
http://www.ibm.com/software/lotus/symphony/idcontents/releasenotes/en/readme_fixpack3_standalone_long.htm
x_refsource_CONFIRM
http://osvdb.org/74163
vdb-entry
x_refsource_OSVDB
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/68889
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.securityfocus.com/bid/48936
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.ibm.com/support/docview.wss?uid=swg21505448
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.ibm.com/software/lotus/symphony/buzz.nsf/web_DisPlayPlugin?open&unid=9717F6F587AAA939852578D300404BCF&category=announcements
Resource:
x_refsource_CONFIRM
Hyperlink: https://www-304.ibm.com/jct03001c/software/lotus/symphony/idcontents/releasenotes/en/readme_embedded_in_fixpack3_long.htm
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.ibm.com/software/lotus/symphony/idcontents/releasenotes/en/readme_fixpack3_standalone_long.htm
Resource:
x_refsource_CONFIRM
Hyperlink: http://osvdb.org/74163
Resource:
vdb-entry
x_refsource_OSVDB
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://exchange.xforce.ibmcloud.com/vulnerabilities/68889
vdb-entry
x_refsource_XF
x_transferred
http://www.securityfocus.com/bid/48936
vdb-entry
x_refsource_BID
x_transferred
http://www.ibm.com/support/docview.wss?uid=swg21505448
x_refsource_CONFIRM
x_transferred
http://www.ibm.com/software/lotus/symphony/buzz.nsf/web_DisPlayPlugin?open&unid=9717F6F587AAA939852578D300404BCF&category=announcements
x_refsource_CONFIRM
x_transferred
https://www-304.ibm.com/jct03001c/software/lotus/symphony/idcontents/releasenotes/en/readme_embedded_in_fixpack3_long.htm
x_refsource_CONFIRM
x_transferred
http://www.ibm.com/software/lotus/symphony/idcontents/releasenotes/en/readme_fixpack3_standalone_long.htm
x_refsource_CONFIRM
x_transferred
http://osvdb.org/74163
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/68889
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.securityfocus.com/bid/48936
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.ibm.com/support/docview.wss?uid=swg21505448
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.ibm.com/software/lotus/symphony/buzz.nsf/web_DisPlayPlugin?open&unid=9717F6F587AAA939852578D300404BCF&category=announcements
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www-304.ibm.com/jct03001c/software/lotus/symphony/idcontents/releasenotes/en/readme_embedded_in_fixpack3_long.htm
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.ibm.com/software/lotus/symphony/idcontents/releasenotes/en/readme_fixpack3_standalone_long.htm
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://osvdb.org/74163
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:27 Jul, 2011 | 20:55
Updated At:11 Apr, 2025 | 00:51

IBM Lotus Symphony 3 before FP3 on Linux allows remote attackers to cause a denial of service (application crash) via a certain sample document.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CPE Matches
IBM Corporation
ibm
>>lotus_symphony>>3.0.0
cpe:2.3:a:ibm:lotus_symphony:3.0.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_symphony>>3.0.0.1
cpe:2.3:a:ibm:lotus_symphony:3.0.0.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>lotus_symphony>>3.0.0.2
cpe:2.3:a:ibm:lotus_symphony:3.0.0.2:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-399Primarynvd@nist.gov
CWE ID: CWE-399
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://osvdb.org/74163cve@mitre.org
N/A
http://www.ibm.com/software/lotus/symphony/buzz.nsf/web_DisPlayPlugin?open&unid=9717F6F587AAA939852578D300404BCF&category=announcementscve@mitre.org
N/A
http://www.ibm.com/software/lotus/symphony/idcontents/releasenotes/en/readme_fixpack3_standalone_long.htmcve@mitre.org
N/A
http://www.ibm.com/support/docview.wss?uid=swg21505448cve@mitre.org
N/A
http://www.securityfocus.com/bid/48936cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/68889cve@mitre.org
N/A
https://www-304.ibm.com/jct03001c/software/lotus/symphony/idcontents/releasenotes/en/readme_embedded_in_fixpack3_long.htmcve@mitre.org
N/A
http://osvdb.org/74163af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ibm.com/software/lotus/symphony/buzz.nsf/web_DisPlayPlugin?open&unid=9717F6F587AAA939852578D300404BCF&category=announcementsaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ibm.com/software/lotus/symphony/idcontents/releasenotes/en/readme_fixpack3_standalone_long.htmaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ibm.com/support/docview.wss?uid=swg21505448af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/48936af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/68889af854a3a-2127-422b-91ae-364da2661108
N/A
https://www-304.ibm.com/jct03001c/software/lotus/symphony/idcontents/releasenotes/en/readme_embedded_in_fixpack3_long.htmaf854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://osvdb.org/74163
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ibm.com/software/lotus/symphony/buzz.nsf/web_DisPlayPlugin?open&unid=9717F6F587AAA939852578D300404BCF&category=announcements
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ibm.com/software/lotus/symphony/idcontents/releasenotes/en/readme_fixpack3_standalone_long.htm
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=swg21505448
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/48936
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/68889
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www-304.ibm.com/jct03001c/software/lotus/symphony/idcontents/releasenotes/en/readme_embedded_in_fixpack3_long.htm
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://osvdb.org/74163
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ibm.com/software/lotus/symphony/buzz.nsf/web_DisPlayPlugin?open&unid=9717F6F587AAA939852578D300404BCF&category=announcements
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ibm.com/software/lotus/symphony/idcontents/releasenotes/en/readme_fixpack3_standalone_long.htm
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=swg21505448
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/48936
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/68889
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://www-304.ibm.com/jct03001c/software/lotus/symphony/idcontents/releasenotes/en/readme_embedded_in_fixpack3_long.htm
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

75Records found
CVE-2014-0921
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.56% / 67.13%
||
7 Day CHG~0.00%
Published-15 Apr, 2014 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The server in IBM MessageSight 1.x before 1.1.0.0-IBM-IMA-IT01015 allows remote attackers to cause a denial of service (daemon crash and message data loss) via malformed headers during a WebSockets connection upgrade.

Action-Not Available
Vendor-n/aIBM Corporation
Product-messagesight_jms_clientmessagesightn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-0922
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.56% / 67.13%
||
7 Day CHG~0.00%
Published-15 Apr, 2014 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM MessageSight 1.x before 1.1.0.0-IBM-IMA-IT01015 allows remote attackers to cause a denial of service (resource consumption) via WebSockets MQ Telemetry Transport (MQTT) data.

Action-Not Available
Vendor-n/aIBM Corporation
Product-messagesight_jms_clientmessagesightn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-0923
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.03% / 76.46%
||
7 Day CHG~0.00%
Published-15 Apr, 2014 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM MessageSight 1.x before 1.1.0.0-IBM-IMA-IT01015 allows remote attackers to cause a denial of service (daemon restart) via crafted MQ Telemetry Transport (MQTT) authentication data.

Action-Not Available
Vendor-n/aIBM Corporation
Product-messagesight_jms_clientmessagesightn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-6325
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.92% / 75.06%
||
7 Day CHG~0.00%
Published-16 Jan, 2014 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere Application Server 7.x before 7.0.0.31, 8.0.x before 8.0.0.8, and 8.5.x before 8.5.5.2 allows remote attackers to cause a denial of service (resource consumption) via a crafted request to a web services endpoint.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_application_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-6662
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-4.00% / 87.98%
||
7 Day CHG~0.00%
Published-07 Apr, 2009 | 23:00
Updated-07 Aug, 2024 | 11:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

AVG Anti-Virus for Linux 7.5.51, and possibly earlier, allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via a malformed UPX compressed file, which triggers memory corruption.

Action-Not Available
Vendor-avgn/aLinux Kernel Organization, Inc
Product-linux_kernelavg_anti-virusn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-0486
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.68% / 70.65%
||
7 Day CHG~0.00%
Published-27 Mar, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the HTTP server in IBM Domino 8.5.x allows remote attackers to cause a denial of service (memory consumption and daemon crash) via GET requests, aka SPR KLYH92NKZY.

Action-Not Available
Vendor-n/aIBM Corporation
Product-lotus_dominon/a
CVE-2008-5257
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.76% / 72.33%
||
7 Day CHG~0.00%
Published-27 Nov, 2008 | 00:00
Updated-07 Aug, 2024 | 10:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to cause a denial of service (crash or hang) via HTTP requests, as demonstrated by a McAfee vulnerability scan.

Action-Not Available
Vendor-n/aIBM Corporation
Product-tivoli_access_manager_for_e-businessn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-2885
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.28% / 78.77%
||
7 Day CHG~0.00%
Published-27 Jul, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service (application crash) via the sample .doc document that incorporates a user-defined toolbar.

Action-Not Available
Vendor-n/aIBM Corporation
Product-lotus_symphonyn/a
CVE-2008-3858
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.00% / 76.07%
||
7 Day CHG~0.00%
Published-28 Aug, 2008 | 17:00
Updated-07 Aug, 2024 | 09:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT data stream that simulates a V7 client connect request.

Action-Not Available
Vendor-n/aIBM Corporation
Product-db2_universal_databasen/a
CWE ID-CWE-264
Not Available
CVE-2018-13095
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.11% / 29.45%
||
7 Day CHG~0.00%
Published-03 Jul, 2018 | 05:00
Updated-05 Aug, 2024 | 08:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-13100
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.31% / 53.94%
||
7 Day CHG~0.00%
Published-03 Jul, 2018 | 05:00
Updated-05 Aug, 2024 | 08:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3, which does not properly validate secs_per_zone in a corrupted f2fs image, as demonstrated by a divide-by-zero error.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-369
Divide By Zero
CVE-2008-1707
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.36% / 79.35%
||
7 Day CHG~0.00%
Published-09 Apr, 2008 | 19:00
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM solidDB 06.00.1018 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a packet with an 0x11 value in a certain "type" field.

Action-Not Available
Vendor-n/aIBM Corporation
Product-soliddbn/a
CWE ID-CWE-399
Not Available
CVE-2008-1706
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.17% / 77.78%
||
7 Day CHG~0.00%
Published-09 Apr, 2008 | 19:00
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled array index in IBM solidDB 06.00.1018 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large value in a certain 32-bit field.

Action-Not Available
Vendor-n/aIBM Corporation
Product-soliddbn/a
CWE ID-CWE-189
Not Available
CVE-2018-11412
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-11.51% / 93.34%
||
7 Day CHG~0.00%
Published-24 May, 2018 | 18:00
Updated-05 Aug, 2024 | 08:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data() in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kerneln/a
CWE ID-CWE-416
Use After Free
CVE-2008-1708
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.17% / 77.78%
||
7 Day CHG~0.00%
Published-09 Apr, 2008 | 19:00
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM solidDB 06.00.1018 and earlier does not validate a certain field that specifies an amount of memory to allocate, which allows remote attackers to cause a denial of service (daemon exit) via a packet with a large value in this field.

Action-Not Available
Vendor-n/aIBM Corporation
Product-soliddbn/a
CWE ID-CWE-399
Not Available
CVE-2011-2888
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.28% / 78.77%
||
7 Day CHG~0.00%
Published-27 Jul, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service (application hang) via complex graphics in a presentation.

Action-Not Available
Vendor-n/aIBM Corporation
Product-lotus_symphonyn/a
CVE-2007-2995
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.71% / 71.41%
||
7 Day CHG~0.00%
Published-04 Jun, 2007 | 17:00
Updated-07 Aug, 2024 | 13:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in sysmgt.websm.rte in IBM AIX 5.2.0 and 5.3.0 has unknown impact and attack vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CVE-2012-4855
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.63% / 69.31%
||
7 Day CHG~0.00%
Published-05 Mar, 2013 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the web services framework in IBM WebSphere Commerce 6.0 through 6.0.0.11 and 7.0 through 7.0.0.6 allows remote attackers to cause a denial of service (login outage) via unknown vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_commercen/a
CVE-2012-2180
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.00% / 76.07%
||
7 Day CHG~0.00%
Published-20 Jun, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The chaining functionality in the Distributed Relational Database Architecture (DRDA) module in IBM DB2 9.7 before FP6 and 9.8 before FP5 allows remote attackers to cause a denial of service (NULL pointer dereference, and resource consumption or daemon crash) via a crafted request.

Action-Not Available
Vendor-n/aIBM Corporation
Product-db2n/a
CVE-2012-2849
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-4.3||MEDIUM
EPSS-1.38% / 79.54%
||
7 Day CHG~0.00%
Published-06 Aug, 2012 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Off-by-one error in the GIF decoder in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.

Action-Not Available
Vendor-n/aMicrosoft CorporationGoogle LLCApple Inc.Linux Kernel Organization, Inc
Product-mac_os_xwindowschromeframelinux_kerneln/a
CVE-2011-4087
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.96% / 75.61%
||
7 Day CHG~0.00%
Published-08 Jun, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The br_parse_ip_options function in net/bridge/br_netfilter.c in the Linux kernel before 2.6.39 does not properly initialize a certain data structure, which allows remote attackers to cause a denial of service by leveraging connectivity to a network interface that uses an Ethernet bridge device.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-665
Improper Initialization
CVE-2011-2893
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.10% / 77.19%
||
7 Day CHG~0.00%
Published-27 Jul, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DataPilot feature in IBM Lotus Symphony 3 before FP3 allows user-assisted remote attackers to cause a denial of service (application crash) via a large .xls spreadsheet with an invalid Value reference.

Action-Not Available
Vendor-n/aIBM Corporation
Product-lotus_symphonyn/a
CVE-2020-13143
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-2.15% / 83.55%
||
7 Day CHG~0.00%
Published-18 May, 2020 | 17:50
Updated-04 Aug, 2024 | 12:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.

Action-Not Available
Vendor-n/aNetApp, Inc.Canonical Ltd.Linux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-ubuntu_linuxbootstrap_osa700s_firmwarecloud_backuph300s_firmwareh410c_firmwareh410sh610s_firmwareh300shci_compute_nodesolidfire_baseboard_management_controllersteelstore_cloud_integrated_storageh300e_firmwareh610sh500ehci_management_nodeh500s_firmwareh500e_firmwarea700sh700eh610c_firmwareh610cleaph300eh500sh615c_firmwareactive_iq_unified_managerelement_softwaresolidfiredebian_linuxlinux_kernelh410s_firmwareh700s_firmwareh615ch410ch700e_firmwaresolidfire_baseboard_management_controller_firmwareh700sn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2013-5387
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.66% / 70.13%
||
7 Day CHG~0.00%
Published-06 Nov, 2013 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in IBM Platform Symphony 5.2, 6.1, and 6.1.1 allows remote attackers to cause a denial of service (process crash or hang) via a malformed SOAP request with a large amount of request data.

Action-Not Available
Vendor-n/aIBM Corporation
Product-platform_symphonyn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-1130
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-65.48% / 98.42%
||
7 Day CHG~0.00%
Published-05 Sep, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it would open up many file select dialog boxes which would cause the client hang and have to be restarted. IBM X-Force ID: 121371.

Action-Not Available
Vendor-IBM Corporation
Product-inotesNotes
  • Previous
  • 1
  • 2
  • Next
Details not found