CVSS: 4.3EPSS: 3%CPEs: 3EXPL: 0CVE-2011-2886
https://notcve.org/view.php?id=CVE-2011-2886
IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service (application crash) via a .docx document with empty bullet styles for parent bullets. IBM Lotus Symphony 3 anterior a FP3 permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) mediante un documento .Docx con estilos de viñetas vacías para «viñetas padre». • http://osvdb.org/74160 http://www.ibm.com/software/lotus/symphony/buzz.nsf/web_DisPlayPlugin?open&unid=9717F6F587AAA939852578D300404BCF&category=announcements http://www.ibm.com/software/lotus/symphony/idcontents/releasenotes/en/readme_fixpack3_standalone_long.htm http://www.ibm.com/support/docview.wss?uid=swg21505448 http://www.securityfocus.com/bid/48936 https://exchange.xforce.ibmcloud.com/vulnerabilities/68890 https://www-304.ibm.com/jct03001c/software/lotus/symphony/idcontents/releasenotes/en/readme_embedded_ • CWE-399: Resource Management Errors •
CVSS: 4.3EPSS: 3%CPEs: 3EXPL: 0CVE-2011-2893
https://notcve.org/view.php?id=CVE-2011-2893
The DataPilot feature in IBM Lotus Symphony 3 before FP3 allows user-assisted remote attackers to cause a denial of service (application crash) via a large .xls spreadsheet with an invalid Value reference. La función Datapilot de IBM Lotus Symphony 3 antes de FP3 permite a atacantes remotos asistidos por usuarios a provocar una denegación de servicio (caída de aplicación) a través de una hoja de cálculo .Xls grande, con una referencia Value no válida. • http://osvdb.org/74166 http://www.ibm.com/software/lotus/symphony/buzz.nsf/web_DisPlayPlugin?open&unid=9717F6F587AAA939852578D300404BCF&category=announcements http://www.ibm.com/software/lotus/symphony/idcontents/releasenotes/en/readme_fixpack3_standalone_long.htm http://www.ibm.com/support/docview.wss?uid=swg21505448 http://www.securityfocus.com/bid/48936 https://exchange.xforce.ibmcloud.com/vulnerabilities/68748 https://www-304.ibm.com/jct03001c/software/lotus/symphony/idcontents/releasenotes/en/readme_embedded_ • CWE-399: Resource Management Errors •
CVSS: 4.3EPSS: 3%CPEs: 3EXPL: 0CVE-2011-2888
https://notcve.org/view.php?id=CVE-2011-2888
IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service (application hang) via complex graphics in a presentation. IBM Lotus Symphony 3 anterior a FP3 permite a atacantes remotos causar una denegación de servicio (bloqueo de la aplicación) a través de gráficos complejos en una presentación. • http://osvdb.org/74165 http://www.ibm.com/software/lotus/symphony/buzz.nsf/web_DisPlayPlugin?open&unid=9717F6F587AAA939852578D300404BCF&category=announcements http://www.ibm.com/software/lotus/symphony/idcontents/releasenotes/en/readme_fixpack3_standalone_long.htm http://www.ibm.com/support/docview.wss?uid=swg21505448 http://www.securityfocus.com/bid/48936 https://exchange.xforce.ibmcloud.com/vulnerabilities/68888 https://www-304.ibm.com/jct03001c/software/lotus/symphony/idcontents/releasenotes/en/readme_embedded_ • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 30%CPEs: 106EXPL: 0CVE-2011-1216
https://notcve.org/view.php?id=CVE-2011-1216
Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7. Desbordamiento de buffer de pila en assr.dll de Autonomy KeyView, como es utilizado en IBM Lotus Notes en versiones anteriores a la 8.5.2 FP3, permite a atacantes remotos ejecutar código de su elección a través de datos de etiqueta en un adjunto de hoja de cálculo Applix. También conocido como SPR PRAD8823A7. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=907 http://secunia.com/advisories/44624 http://www.ibm.com/support/docview.wss?uid=swg21500034 http://www.securityfocus.com/bid/47962 https://exchange.xforce.ibmcloud.com/vulnerabilities/67623 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13796 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 9%CPEs: 106EXPL: 0CVE-2011-1214
https://notcve.org/view.php?id=CVE-2011-1214
Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a .rtf attachment, aka SPR PRAD8823JQ. Desbordamiento de búfer basado en pila en rtfsr.dll en Autonomy KeyView, tal como se utiliza en IBM Lotus Notes antes de v8.5.2 FP3, permite a atacantes remotos ejecutar código de su elección a través de un enlace a manipulado en un archivo .rtf adjunto, también conocido como SPR PRAD8823JQ. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=905 http://secunia.com/advisories/44624 http://www.ibm.com/support/docview.wss?uid=swg21500034 http://www.securityfocus.com/bid/47962 https://exchange.xforce.ibmcloud.com/vulnerabilities/67621 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14309 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •