CVSS: 5.0EPSS: 4%CPEs: 10EXPL: 1CVE-2004-2280 – IBM Lotus Notes 6.0/6.5 - Multiple Java Applet Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-2280
Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before 6.0.5 allows remote attackers to cause a denial of service (crash) via unknown vectors related to Java applets, as identified by KSPR62F4KN. • https://www.exploit-db.com/exploits/24275 http://secunia.com/advisories/12046 http://www-1.ibm.com/support/docview.wss?rs=475&context=SSKTWP&q1=Java&uid=swg21173910&loc=en_US&cs=utf-8&lang=en http://www.osvdb.org/8418 http://www.securityfocus.com/bid/10704 •
CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0CVE-2004-2281
https://notcve.org/view.php?id=CVE-2004-2281
Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 and 6.0.x before 6.0.5 have unknown impact and attack vectors, related to Java applets, as identified by (1) KSPR5YS6GR and (2) KSPR62F4D3. • http://secunia.com/advisories/12046 http://www-1.ibm.com/support/docview.wss?rs=475&context=SSKTWP&q1=Java&uid=swg21173910&loc=en_US&cs=utf-8&lang=en http://www.osvdb.org/8416 http://www.osvdb.org/8417 http://www.securityfocus.com/bid/10704 •
CVSS: 10.0EPSS: 72%CPEs: 2EXPL: 1CVE-2004-0480
https://notcve.org/view.php?id=CVE-2004-0480
Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe. Vulnerabilidad de inyección de argumentos en IBM Lotus Notes 6.0.3 y 6.5 permite a atacantes remotos ejecutar código de su eleccion mediante una URI notes: que usa un nombre de ruta de red UNC para proveer un fichero de configuración notes.ini alternativo a notes.exe. • http://marc.info/?l=bugtraq&m=108843896506099&w=2 http://www-1.ibm.com/support/docview.wss?rs=475/context=SSKTWP&uid=swg21169510 http://www.idefense.com/application/poi/display?id=111&type=vulnerabilities http://www.securityfocus.com/bid/10600 https://exchange.xforce.ibmcloud.com/vulnerabilities/16496 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 7.5EPSS: 4%CPEs: 2EXPL: 0CVE-2003-0179
https://notcve.org/view.php?id=CVE-2003-0179
Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control. Desbordamiento de búfer en el manejador de control de objetos COM para Lotus Domino 6.0.1 y versiones anteriores, permite a atacantes remotos la ejecución de código arbitrario mediante vectores de ataque múltiple, como se demuestra utilizando el método InitializeUsingNotesUserName en el control ActiveX de iNotes. • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html http://marc.info/?l=bugtraq&m=104550124032513&w=2 http://marc.info/?l=bugtraq&m=104550335103136&w=2 http://marc.info/?l=ntbugtraq&m=104558778131373&w=2 http://marc.info/?l=ntbugtraq&m=104558778331387&w=2 http://www-1.ibm.com/support/docview.wss? •
CVSS: 5.0EPSS: 1%CPEs: 29EXPL: 0CVE-2003-0122
https://notcve.org/view.php?id=CVE-2003-0122
Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field. Desbordamiento de búfer en el servidor de Lotus Notes R4, R5 anteriores a 5.0.11 y betas de R6 permite a atacantes remotos ejecutar código arbitrario mediante un nombre distinguido (DN) largo durante la autenticación NotesRPC y una longitud externa del campo menor que la del campo DN. • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0125.html http://marc.info/?l=bugtraq&m=104757319829443&w=2 http://www-1.ibm.com/support/docview.wss?rs=482&q=Domino&uid=swg21105101 http://www.cert.org/advisories/CA-2003-11.html http://www.ciac.org/ciac/bulletins/n-065.shtml http://www.kb.cert.org/vuls/id/433489 http://www.rapid7.com/advisories/R7-0010.html http://www.securityfocus.com/bid/7037 https://exchange.xforce.ibmcloud.com/vulnerabilities/11526 •