CVE-2018-1888
https://notcve.org/view.php?id=CVE-2018-1888
An untrusted search path vulnerability in IBM i Access for Windows versions 7.1 and earlier on Windows can allow arbitrary code execution via a Trojan horse DLL in the current working directory, related to use of the LoadLibrary function. IBM X-Force ID: 152079. Una vulnerabilidad de ruta de búsqueda no fiable en las versiones 7.1 y anteriores de IBM i Access for Windows, en Windows, podría permitir la ejecución de código arbitrario mediante un troyano DLL en el actual directorio de trabajo, el cual está relacionado con el uso de la función LoadLibrary. IBM X-Force ID: 152079. • http://www.securityfocus.com/bid/106455 https://exchange.xforce.ibmcloud.com/vulnerabilities/152079 https://www.ibm.com/support/docview.wss?uid=ibm10740233 • CWE-426: Untrusted Search Path •
CVE-2016-0287
https://notcve.org/view.php?id=CVE-2016-0287
IBM i Access 7.1 on Windows allows local users to discover registry passwords via unspecified vectors. IBM i Access 7.1 en Windows permite a usuarios locales descubrir las contraseñas de registro a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=nas8N1021418 http://www-01.ibm.com/support/docview.wss?uid=swg1SI60523 http://www.securityfocus.com/bid/91706 https://www.tenable.com/security/research/tra-2016-18 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-254: 7PK - Security Features •
CVE-2015-7416
https://notcve.org/view.php?id=CVE-2015-7416
AFP Workbench Viewer in IBM i Access 7.1 on Windows allows remote attackers to cause a denial of service (viewer crash) via a crafted workbench file. AFP Workbench Viewer en IBM i Access 7.1 en Windows permite a atacantes remotos provocar una denegación de servicio (caída de visor) a través de un archivo workbench manipulado. • http://www-01.ibm.com/support/docview.wss?uid=nas8N1020995 http://www-01.ibm.com/support/docview.wss?uid=swg1SI57907 • CWE-20: Improper Input Validation •
CVE-2015-7422 – IBM i Access 7.1 - Local Buffer Overflow / Code Execution
https://notcve.org/view.php?id=CVE-2015-7422
Buffer overflow in IBM i Access 7.1 on Windows allows local users to cause a denial of service (application crash) via unspecified vectors. Desbordamiento del buffer en IBM i Access 7.1 en Windows permite a usuarios locales provocar una denegación de servicio (caída de aplicación) a través de vectores no especificados. IBM i Access for Windows is vulnerability to a stack buffer overflow denial of service vulnerability. • https://www.exploit-db.com/exploits/38751 http://www-01.ibm.com/support/docview.wss?uid=nas8N1020996 http://www-01.ibm.com/support/docview.wss?uid=swg1SI57907 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-2023 – IBM i Access 7.1 - Local Buffer Overflow / Code Execution
https://notcve.org/view.php?id=CVE-2015-2023
Buffer overflow in IBM i Access 7.1 on Windows allows local users to gain privileges via unspecified vectors. Desbordamiento de buffer en IBM i Access 7.1 en Windows permite a usuarios locales obtener privilegios a través de vectores no especificados. IBM i Access for Windows is vulnerable to a buffer overflow. A local attacker could overflow a buffer and execute arbitrary code on the Windows PC. • https://www.exploit-db.com/exploits/38751 http://www-01.ibm.com/support/docview.wss?uid=nas8N1020996 http://www-01.ibm.com/support/docview.wss?uid=swg1SI57907 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •