cbcvebase.

Ibm Personal Communications vulnerabilities

4 known vulnerabilities affecting ibm/personal_communications.

Total CVEs
4
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2012-0201P3CRITICALCVSS 9.3PoCv5.9.7.0v5.9.7.1+1 more2012-03-02
CVE-2012-0201 [CRITICAL] CWE-119 CVE-2012-0201: Stack-based buffer overflow in pcspref.dll in pcsws.exe in IBM Personal Communications 5.9.x before Stack-based buffer overflow in pcspref.dll in pcsws.exe in IBM Personal Communications 5.9.x before 5.9.8 and 6.0.x before 6.0.4 might allow remote attackers to execute arbitrary code via a long profile string in a WorkStation (aka .ws) file.
nvd
CVE-2024-25029P2CRITICALCVSS 10.0≥ 14.0.6, ≤ 15.0.1vv14+1 more2024-04-06
CVE-2024-25029 [CRITICAL] CWE-119 CVE-2024-25029: IBM Personal Communications 14.0.6 through 15.0.1 includes a Windows service that is vulnerable to r IBM Personal Communications 14.0.6 through 15.0.1 includes a Windows service that is vulnerable to remote code execution (RCE) and local privilege escalation (LPE). The vulnerability allows any unprivileged user with network access to a target computer to run commands with full privileges in the context of NT AUTHORITY\SYSTEM. This allows for a lo
nvd
CVE-2025-1095P3HIGHCVSS 7.8v14.0.0v15.0.02025-04-08
CVE-2025-1095 [HIGH] CVE-2025-1095: IBM Personal Communications v14 and v15 include a Windows service that is vulnerable to local privil IBM Personal Communications v14 and v15 include a Windows service that is vulnerable to local privilege escalation (LPE). The vulnerability allows any interactively logged in users on the target computer to run commands with full privileges in the context of NT AUTHORITY\SYSTEM. This allows for a low privileged attacker to escalate their privileges. This vulner
nvd
CVE-2016-0321P4MEDIUMCVSS 6.2v12.0.0v6.0.0+16 more2016-07-17
CVE-2016-0321 [MEDIUM] CWE-200 CVE-2016-0321: IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging access to the victim account and executing a PowerShell script.
nvd
Ibm Personal Communications vulnerabilities | cvebase