CVSS: 8.8EPSS: 16%CPEs: 5EXPL: 1CVE-2007-6593 – Autonomy KeyView Lotus 1-2-3 - File Multiple Buffer Overflow Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-6593
28 Dec 2007 — Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909. Múltiples desbordamientos de búfer basado en pila en l123sr.dll de Autonomy (anterior... • https://www.exploit-db.com/exploits/30816 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-6594
https://notcve.org/view.php?id=CVE-2007-6594
28 Dec 2007 — IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak permissions for the installation kit obtained through a Notes 8 download and (2) 0777 permissions for the installdata file that is created by setup.sh, which allows local users to gain privileges via a Trojan horse file. IBM Lotus Notes 8 para Linux anterior a 9.0.1 usa (1) permisos débiles no especificados para el kit de instalación obtenido a través de la descarga de Notes 8 y (2) permisos 0777 para el archivo installdata que crea setup.sh... • http://osvdb.org/40933 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.4EPSS: 30%CPEs: 20EXPL: 0CVE-2002-0370
https://notcve.org/view.php?id=CVE-2002-0370
05 Oct 2002 — Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0. Desbordamiento de búfer en la capacidad ZIP de múltiples productos permite a atacantes remotos causar una denegación de servicio o ejecu... • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html •