29 matches found
CVE-2020-4422
CVE-2020-4422 affects IBM i2 Analyst’s Notebook and IBM i2 Analyst’s Notebook Premium, version 9.2.1. The issue is a memory corruption vulnerability that could allow a remote attacker to execute arbitrary code or cause a crash by convincing a user to open a specially crafted file. Affected produc...
CVE-2021-39050
The CVE-2021-39050 entry affects IBM i2 Analyst’s Notebook versions 9.2.0, 9.2.1, and 9.2.2, describing a stack-based buffer overflow caused by improper bounds checking that could allow a local attacker to escalate privileges. The IBM security bulletin (9.3.1 update) and related IBM X-Force refer...
CVE-2020-4343
CVE-2020-4343 affects IBM i2 Analysts Notebook and IBM i2 Analysts Notebook Premium v9.2.1. The IBM bulletin describes memory corruption as the root cause, allowing a remote attacker to execute arbitrary code or cause a crash by convincing a user to open a specially crafted file. Affected product...
CVE-2020-4552
CVE-2020-4552 affects IBM i2 Analyst’s Notebook 9.2.1 (and related IBM i2 products) and is caused by a memory corruption vulnerability that could allow a local attacker to execute arbitrary code by persuading a user to open a specially crafted file. The CVSS-derived assessments in the sources cit...
CVE-2020-4724
CVE-2020-4724 affects IBM i2 Analyst’s Notebook (versions 9.2.0 and 9.2.1). The vulnerability is a memory corruption flaw that enables a local attacker to execute arbitrary code by persuading a user to open a specially crafted file, as documented in the IBM security bulletin for Analyst’s Noteboo...
CVE-2020-4257
Summary (CVE-2020-4257): IBM i2 Analyst’s Notebook and IBM i2 Analyst’s Notebook Premium (9.2.1) are affected. The issue is a memory corruption in the product when loading specially crafted files, enabling a local attacker to execute arbitrary code. The vulnerability is triggered by opening a cra...
CVE-2021-39049
CVE-2021-39049 affects IBM i2 Analyst’s Notebook 9.2.0, 9.2.1, and 9.2.2, with a stack-based buffer overflow caused by improper bounds checking. A local attacker could overflow a buffer and gain lower-privilege access. IBM’s security bulletin notes a memory-corruption vulnerability and directs re...
CVE-2020-4261
The connected IBM bulletin confirms CVE-2020-4261 affects IBM i2 Analyst’s Notebook and IBM i2 Analyst’s Notebook Premium (version 9.2.1). Root cause: memory corruption during loading of .anb files, enabling a local attacker to execute arbitrary code by tricking a user into opening a crafted file...
CVE-2020-4468
Summary of the CVE and affected products : CVE-2020-4468 affects IBM i2 Analyst’s Notebook (9.2.1) and IBM i2 Analyst’s Notebook Premium (9.2.1). The connected IBM security bulletin confirms the root cause as memory corruption during loading of certain files, enabling a remote attacker to execute...
CVE-2020-4550
IBM i2 Analyst’s Notebook 9.2.1 and 9.2.2 are affected by a memory corruption vulnerability that could allow a local attacker to execute arbitrary code by convincing a user to open a specially-crafted file. The issue is documented in IBM’s security bulletin and tied to CVE-2020-4550. Root cause: ...
CVE-2020-4287
IBM i2 Analyst’s Notebook and IBM i2 Analyst’s Notebook Premium (9.2.1) are affected by CVE-2020-4287. The issue is a memory corruption in the loading process of .anb files, allowing a remote attacker to execute arbitrary code (with the victim’s privileges) or crash the application when a user op...
CVE-2020-4288
CVE-2020-4288 concerns IBM i2 Analyst’s Notebook and IBM i2 Analyst’s Notebook Premium (v9.2.1). The IBM security bulletin documents multiple memory-corruption vulnerabilities in the loading of .anb files that could allow a local attacker to execute arbitrary code or crash the application after a...
CVE-2020-4722
IBM i2 Analyst’s Notebook (versions 9.2.0 and 9.2.1) is affected by a memory corruption vulnerability that could allow a local attacker to execute arbitrary code by persuading a user to open a specially crafted file. The issue, tracked as CVE-2020-4722, has a high impact (C/H/I/A = High) with a l...
CVE-2020-4263
Affected software: IBM i2 Analyst's Notebook and IBM i2 Analyst's Notebook Premium 9.2.1. The CVE-2020-4263 entry describes a memory corruption vulnerability that could allow a local attacker to execute arbitrary code by convincing a user to open a specially crafted file. The IBM Security Bulleti...
CVE-2020-4467
CVE-2020-4467 affects IBM i2 Analyst’s Notebook and IBM i2 Analyst’s Notebook Premium (version 9.2.1). The issue is a memory corruption vulnerability in the handling of specially crafted documents that could allow a remote attacker to execute arbitrary code on the system with the victim’s privile...
CVE-2020-4258
The CVE-2020-4258 entry affects IBM i2 Analyst’s Notebook and IBM i2 Analyst’s Notebook Premium (v9.2.1) due to memory corruption when loading certain files (.anb). The IBM Security Bulletin documents multiple memory-corruption vulnerabilities around loading files, enabling a local attacker to ex...
CVE-2020-4264
CVE-2020-4264 affects IBM i2 Analyst’s Notebook and Analyst’s Notebook Premium v9.2.1, caused by memory corruption when loading certain files, enabling local arbitrary-code execution. IBM’s bulletin notes multiple memory-corruption vulnerabilities in these products and provides fixes via Fix Cent...
CVE-2020-4285
IBM i2 Analyst’s Notebook and IBM i2 Analysts Notebook Premium (version 9.2.1) are affected by CVE-2020-4285, a memory corruption vulnerability tied to loading .anb files. An attacker could exploit this via a specially crafted document to execute arbitrary code with the victim’s privileges or cau...
CVE-2020-4554
Summary of CVE-2020-4554 : Affects IBM i2 Analyst’s Notebook (9.2.1) and IBM i2 Analyst’s Notebook Premium (9.2.1). The vulnerability is caused by a memory corruption in the affected software, which could allow a local attacker to execute arbitrary code after a user opens a specially crafted file...
CVE-2020-4721
CVE-2020-4721 affects IBM i2 Analyst’s Notebook 9.2.0 and 9.2.1. The root cause is memory corruption that could allow a local attacker to execute arbitrary code after a user opens a specially crafted file. The IBM security bulletin confirms this class of vulnerabilities and provides fixes via IBM...
CVE-2020-4266
CVE-2020-4266 affects IBM i2 Analyst's Notebook and IBM i2 Analyst's Notebook Premium (version 9.2.1). The vulnerability is a local memory corruption that could allow a locally authenticated user to execute arbitrary code by persuading a victim to open a specially crafted file. The IBM security b...
CVE-2020-4723
IBM i2 Analyst’s Notebook versions 9.2.0 and 9.2.1 are affected by CVE-2020-4723 due to memory corruption. The vulnerability enables a local attacker to execute arbitrary code by convincing a victim to open a specially crafted file. Underlying issue is memory corruption within the affected applic...
CVE-2020-4262
IBM i2 Analyst’s Notebook and IBM i2 Analyst’s Notebook Premium (9.2.1) are affected by CVE-2020-4262 due to memory corruption during loading of .anb files. A local attacker could exploit a specially crafted file to execute arbitrary code on the system. The IBM Security Bulletin confirms multiple...
CVE-2020-4549
CVE-2020-4549 affects IBM i2 Analyst’s Notebook 9.2.1 (and IBM i2 Analyst’s Notebook Premium 9.2.1). The vulnerability is caused by memory corruption, allowing a local attacker to execute arbitrary code by convincing a user to open a specially crafted file. IBM’s bulletin notes the fix was applie...
CVE-2020-4551
CVE-2020-4551 affects IBM i2 Analyst’s Notebook and IBM i2 Analyst’s Notebook Premium (versions 9.2.1 and 9.2.2). The issue is a memory corruption weakness that could allow a local attacker to execute arbitrary code by convincing a user to open a specially crafted file. IBM’s bulletin confirms me...
CVE-2021-20431
The CVE-2021-20431 vulnerability affects IBM i2 Analyst’s Notebook Premium 9.2.0, 9.2.1, and 9.2.2, where sessions are not invalidated after logout, potentially allowing an attacker to obtain sensitive information from the system. The issue is documented with a base CVSSv3.1 score of 6.5 (Network...
CVE-2021-29767
CVE-2021-29767 affects IBM i2 Analyst’s Notebook Premium versions 9.2.0, 9.2.1 and 9.2.2. The vulnerability is an information-disclosure flaw where a remote attacker could obtain sensitive data when a detailed technical error message is returned in the browser, enabling potential follow-on attack...
CVE-2020-4553
CVE-2020-4553 affects IBM i2 Analyst’s Notebook 9.2.1 and 9.2.2. The issue is a memory corruption in the product that could allow a local attacker to execute arbitrary code by convincing a user to open a specially crafted file. The IBM advisory notes that fixes were applied in the latest update p...
CVE-2020-4265
IBM i2 Analyst's Notebook and IBM i2 Analyst's Notebook Premium (version 9.2.1) are affected by multiple memory corruption vulnerabilities triggered by opening specially-crafted files/.anb documents, allowing a local attacker to execute arbitrary code. IBM cites a fix pack as the mitigation and p...