CVE-2020-4422

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or...

CVE-2020-4343

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or...

CVE-2020-4287

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the...

CVE-2020-4263

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force...

Memory corruption

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force...

CVE-2020-4288

CVE-2020-4288 concerns IBM i2 Analyst’s Notebook and IBM i2 Analyst’s Notebook Premium (v9.2.1). The IBM security bulletin documents multiple memory-corruption vulnerabilities in the loading of .anb files that could allow a local attacker to execute arbitrary code or crash the application after a...

CVE-2020-4288

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the...

CVE-2020-4257

Summary (CVE-2020-4257): IBM i2 Analyst’s Notebook and IBM i2 Analyst’s Notebook Premium (9.2.1) are affected. The issue is a memory corruption in the product when loading specially crafted files, enabling a local attacker to execute arbitrary code. The vulnerability is triggered by opening a cra...

CVE-2019-4062

IBM i2 Intelligent Analyis Platform 9.0.0 through 9.1.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 157007...

CVE-2019-4062

IBM i2 Intelligent Analyis Platform 9.0.0 through 9.1.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 157007...

PT-2019-16873 · Ibm · Ibm I2 Intelligent Analyis Platform

Name of the Vulnerable Software and Affected Versions: IBM i2 Intelligent Analyis Platform versions 9.0.0 through 9.1.1 Description: The issue is related to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this to expose sensitive information o...