CVE-2014-0884
https://notcve.org/view.php?id=CVE-2014-0884
Cross-site scripting (XSS) vulnerability in the Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la interfaz de usuario Admin Web en IBM Lotus Protector para Mail Security 2.8.x anterior a 2.8.1-22905 permite a usuarios remotos autenticados inyectar script web o HTML a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg21668124 https://exchange.xforce.ibmcloud.com/vulnerabilities/91170 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2014-0822
https://notcve.org/view.php?id=CVE-2014-0822
The IMAP server in IBM Domino 8.5.x before 8.5.3 FP6 IF1 and 9.0.x before 9.0.1 FP1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, aka SPR KLYH9F4S2Z. El servidor IMAP en IBM Domino 8.5.x anterior a 8.5.3 FP6 IF1 y 9.0.x anterior a 9.0.1 FP1 permite a atacantes remotos causar una denegación de servicio (caída del demonio) a través de vectores no especificados, también conocido como SPR KLYH9F4S2Z. • http://osvdb.org/102912 http://secunia.com/advisories/56791 http://www-01.ibm.com/support/docview.wss?uid=swg21663023 https://exchange.xforce.ibmcloud.com/vulnerabilities/90235 •
CVE-2013-6749 – IBM Lotus Quickr ActiveX Stack Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-6749
Buffer overflow in the ActiveX control in qp2.cab in IBM Lotus Quickr for Domino 8.5.1 before 8.5.1.42-001b allows remote attackers to execute arbitrary code via a crafted HTML document, a different vulnerability than CVE-2013-6748. Desbordamiento de buffer en el control ActiveX en qp2.cab en IBM Lotus Quickr para Domino 8.5.1 en versiones anteriores a 8.5.1.42-001b permite a atacantes remotos ejecutar código arbitrario a través de un documento HTML manipulado, una vulnerabilidad diferente a CVE-2013-6748. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Quickr for Domino. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within an ActiveX control included in QP2.dll. The specific flaw is a stack buffer overflow in a vulnerable function in the control. • http://osvdb.org/102598 http://secunia.com/advisories/56696 http://www.ibm.com/support/docview.wss?uid=swg21662653 http://www.securityfocus.com/bid/65193 https://exchange.xforce.ibmcloud.com/vulnerabilities/89865 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-6748 – IBM Lotus Quickr ActiveX Stack Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-6748
Buffer overflow in the ActiveX control in qp2.cab in IBM Lotus Quickr for Domino 8.5.1 before 8.5.1.42-001b allows remote attackers to execute arbitrary code via a crafted HTML document, a different vulnerability than CVE-2013-6749. Desbordamiento de buffer en el control ActiveX en qp2.cab en IBM Lotus Quickr para Domino 8.5.1 en versiones anteriores a 8.5.1.42-001b permite a atacantes remotos ejecutar código arbitrario a través de un documento HTML manipulado, una vulnerabilidad diferente a CVE-2013-6749. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Quickr for Domino. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within an ActiveX control included in QP2.dll. The specific flaw is a stack buffer overflow in a vulnerable function in the control. • http://osvdb.org/102597 http://secunia.com/advisories/56696 http://www.ibm.com/support/docview.wss?uid=swg21662653 http://www.securityfocus.com/bid/65191 https://exchange.xforce.ibmcloud.com/vulnerabilities/89864 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-4063
https://notcve.org/view.php?id=CVE-2013-4063
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via active content in an e-mail message, aka SPRs PTHN9AQMV7 and TCLE98ZKRP. Vulnerabilidad cross-site scripitng (XSS) en iNotes de IBM Domino 8.5.x anteriores a 8.5.3 FP6 y 9.0.x anteriores a 9.0.1 permite a atacantes remotos inyectar script web o HTML a través de contenido activo en un mensaje de email, tambien conocido como SPRs PTHN9AQMV7 y TCLE98ZKRP. • http://www-01.ibm.com/support/docview.wss?uid=swg21659959 https://exchange.xforce.ibmcloud.com/vulnerabilities/86594 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •