Page 12 of 97 results (0.005 seconds)

CVSS: 9.3EPSS: 60%CPEs: 13EXPL: 0

CVE-2007-6020

https://notcve.org/view.php?id=CVE-2007-6020

Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file. Múltiples desbordamientos de búfer basados en pila en foliosr.dll en el lector rápido Folio Flat File de Autonomy (anteriormente Verity) KeyView 10.3.0.0, usado por IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, permiten a atacentes remotos ejecutar código de su eleccióna través de un valor largo en los atributos de las etiquetas (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS en un fichero .fff. • http://secunia.com/advisories/27763 http://secunia.com/advisories/28140 http://secunia.com/advisories/28209 http://secunia.com/advisories/28210 http://secunia.com/advisories/29342 http://secunia.com/secunia_research/2007-104/advisory http://secunia.com/secunia_research/2007-105/advisory http://secunia.com/secunia_research/2007-106/advisory http://secunia.com/secunia_research/2007-107/advisory http://securitytracker.com/id?1019805 http://www-1.ibm.com/support/docview.wss?rs=463 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 33%CPEs: 3EXPL: 0

CVE-2008-0066

https://notcve.org/view.php?id=CVE-2008-0066

Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allow remote attackers to execute arbitrary code via an HTML document with (1) "large chunks of data," or a long URL in the (2) BACKGROUND attribute of a BODY element or (3) SRC attribute of an IMG element. Múltiples desbordamientos de búfer en htmsr.dll en el lector rápido HTML de Autonomy (anteriormente Verity) KeyView, usado por IBM Lotus Notes 7.0.2 and 7.0.3, permiten a atacantes remotos ejecutar código de su elección a través un documento HTML con (1)"large chunks of data," (grandes cadenas/trozos de datos) o una URL larga en (2) el atributo BACKGROUND del elemento BODY (3) o a través del atributo SRC de una etiqueta IMG. • http://secunia.com/advisories/28140 http://secunia.com/advisories/28209 http://secunia.com/advisories/28210 http://secunia.com/secunia_research/2008-3/advisory http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453 http://www.securityfocus.com/archive/1/490828/100/0/threaded http://www.securityfocus.com/bid/28454 http://www.securitytracker.com/id?1019843 http://www.vupen.com/english/advisories/2008/1153 http://www.vupen.com/english/advisories/2008/1156 https: • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 51%CPEs: 7EXPL: 0

CVE-2008-1101

https://notcve.org/view.php?id=CVE-2008-1101

Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allows remote attackers to execute arbitrary code via a long pathname, as demonstrated by a long SRC attribute of an IMG element in an HTML document. Desbordamiento de búfer en el motor del visor de documentos KeyView de Autonomy (anteriormente Verity) KeyView, usado por IBM Lotus Notes 7.0.2 y 7.0.3, permite a atacantes remotos ejecutar código de su elección a través de un nombre de ruta largo, como se ha demostrado usando un atributo SRC largo en una etiqueta IMG de un documento HTML. • http://secunia.com/advisories/28140 http://secunia.com/advisories/28209 http://secunia.com/advisories/28210 http://secunia.com/secunia_research/2008-12/advisory http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453 http://www.securityfocus.com/archive/1/490826/100/0/threaded http://www.securityfocus.com/bid/28454 http://www.vupen.com/english/advisories/2008/1153 http://www.vupen.com/english/advisories/2008/1156 https://exchange.xforce.ibmcloud.com/vulnerabilities/4 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 3%CPEs: 6EXPL: 0

CVE-2008-1718

https://notcve.org/view.php?id=CVE-2008-1718

Buffer overflow in mimesr.dll in Autonomy (formerly Verity) KeyView, as used in IBM Lotus Notes before 8.0, might allow user-assisted remote attackers to execute arbitrary code via an e-mail message with a crafted Text mail (MIME) attachment. Desbordamiento de búfer en mimesr.dll en Autonomy (anteriormente Verity) KeyView, usado en IBM Lotus Notes anterior a 8.0, puede permitir a atacantes remotos asistidos por el usuario ejecutar código de su elección a través de un mensaje de correo electrónico con un adjunto (MIME) manipulado. • http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453 https://exchange.xforce.ibmcloud.com/vulnerabilities/41856 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 8%CPEs: 3EXPL: 0

CVE-2007-6706

https://notcve.org/view.php?id=CVE-2007-6706

Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH or 7.0.3, and possibly 8.0 allows remote attackers to execute arbitrary code via crafted text in an e-mail message sent over SMTP. Vulnerabilidad sin especificar en nlnotes.dll en el cliente de IBM Lotus Notes 6.5, 7.0.x antes de 7.0.2 CCH or 7.0.3, y posiblemente 8.0 permite a atacantes remotos ejecutar código de su elección a través de un texto manipulado en un email enviado por SMTP. • http://osvdb.org/40956 http://secunia.com/advisories/27279 http://securitytracker.com/id?1019464 http://www-1.ibm.com/support/docview.wss?uid=swg21271957 http://www.vupen.com/english/advisories/2007/3597 • CWE-94: Improper Control of Generation of Code ('Code Injection') •