IBM » Net.data : Security Vulnerabilities, CVEs,

CVE-2004-1442

Cross-site scripting (XSS) vulnerability in db2www CGI interpreter in IBM Net.Data 7 and 7.2 allows remote attackers to inject arbitrary web script or HTML via a macro filename, which is not properly handled by error messages such as "DTWP001E."
Max CVSS
4.3
EPSS Score
0.41%
Published
2004-12-31
Updated
2017-07-12

CVE-2000-1110

document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program.
Max CVSS
5.0
EPSS Score
0.32%
Published
2001-01-09
Updated
2008-09-05

CVE-2000-0677

Buffer overflow in IBM Net.Data db2www CGI program allows remote attackers to execute arbitrary commands via a long PATH_INFO environmental variable.
Max CVSS
10.0
EPSS Score
0.58%
Published
2000-10-20
Updated
2017-10-10
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close