CVSS: 9.3EPSS: 19%CPEs: 106EXPL: 0CVE-2011-1214
https://notcve.org/view.php?id=CVE-2011-1214
31 May 2011 — Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a .rtf attachment, aka SPR PRAD8823JQ. Desbordamiento de búfer basado en pila en rtfsr.dll en Autonomy KeyView, tal como se utiliza en IBM Lotus Notes antes de v8.5.2 FP3, permite a atacantes remotos ejecutar código de su elección a través de un enlace a manipulado en un archivo .rtf adjunto, también conocido como SPR PRAD8823JQ. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=905 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 21%CPEs: 37EXPL: 0CVE-2011-1215
https://notcve.org/view.php?id=CVE-2011-1215
31 May 2011 — Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment, aka SPR PRAD8823ND. Desbordamiento de búfer basado en pila en mw8sr.dll en Autonomy KeyView, tal como se utiliza en IBM Lotus Notes antes de v8.5.2 FP3, permite a atacantes remotos ejecutar código de su elección a través de un enlace manipulado en un archivo adjunto de documento de Microsoft ... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=906 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 21%CPEs: 106EXPL: 0CVE-2011-1216
https://notcve.org/view.php?id=CVE-2011-1216
31 May 2011 — Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7. Desbordamiento de buffer de pila en assr.dll de Autonomy KeyView, como es utilizado en IBM Lotus Notes en versiones anteriores a la 8.5.2 FP3, permite a atacantes remotos ejecutar código de su elección a través de datos de etiqueta en un adjunto de hoja de cálculo Applix. Tambi... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=907 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 15%CPEs: 106EXPL: 0CVE-2011-1217
https://notcve.org/view.php?id=CVE-2011-1217
31 May 2011 — Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .prz attachment. NOTE: some of these details are obtained from third party information. Desbordamiento de buffer en kpprzrdr.dll de Autonomy KeyView, como es utilizado en IBM Lotus Notes en versiones anteriores a la 8.5.2 FP3, permite a atacantes remotos ejecutar código de su elección a través de un adjunto .prz modificado. NOTA: algunos de estos d... • http://secunia.com/advisories/44624 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 12%CPEs: 107EXPL: 0CVE-2011-1218
https://notcve.org/view.php?id=CVE-2011-1218
31 May 2011 — Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .zip attachment, aka SPR PRAD8E3NSP. NOTE: some of these details are obtained from third party information. Desbordamiento de buffer en kvarcve.dll de Autonomy KeyView, como es utilizado en IBM Lotus Notes en versiones anteriores a la 8.5.2 FP3, permite a atacantes remotos ejecutar código de su elección a través de un adjunto .zip modificado. Tambié... • http://secunia.com/advisories/44624 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 18%CPEs: 107EXPL: 1CVE-2011-1512
https://notcve.org/view.php?id=CVE-2011-1512
31 May 2011 — Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR. Desbordamiento de buffer de memoria dinámica en xlssr.dll de Autonomy KeyView, como se usa en IBM Lotus Notes en versiones anteriores a 8.5.2 FP3, permite a atacantes remotos ejecutar código de su elección a través de un registro BIFF mal formado en un adjunto de hoja... • http://secunia.com/advisories/44624 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 12%CPEs: 3EXPL: 0CVE-2010-1608
https://notcve.org/view.php?id=CVE-2010-1608
29 Apr 2010 — Stack-based buffer overflow in IBM Lotus Notes 8.5 and 8.5fp1, and possibly other versions, allows remote attackers to execute arbitrary code via unknown attack vectors, as demonstrated by the vd_ln module in VulnDisco 9.0. NOTE: as of 20100222, this disclosure has no actionable information. However, because the VulnDisco author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Desbordamiento de búfer basado en pila en IBM Lotus Notes v8.5 y v8.5fp1, y posiblement... • http://secunia.com/advisories/38622 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2010-1487
https://notcve.org/view.php?id=CVE-2010-1487
20 Apr 2010 — IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe, which allows local users to obtain sensitive information by examining this file, aka SPR JSTN837SEG. IBM Lotus Notes v7.0, v8.0, y v8.5 almacena credenciales administrativas en cleartext en SURunAs.exe, lo que permite a usuarios locales obtener información sensible examinando ese archivo, conocido como SPR JSTN837SEG. • http://secunia.com/advisories/39507 • CWE-255: Credentials Management Errors •
CVSS: 10.0EPSS: 2%CPEs: 31EXPL: 1CVE-2009-3032
https://notcve.org/view.php?id=CVE-2009-3032
05 Mar 2010 — Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow. Desbordamiento de entero en kvolefio.dll v8.5.0.8339 y v10.5.0.0 en Autonomy KeyView Filter SDK, tal y como se utiliza en IBM Lotus Notes v8.5, Symantec Mail Security... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858 • CWE-189: Numeric Errors •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2009-3114
https://notcve.org/view.php?id=CVE-2009-3114
09 Sep 2009 — The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from an RSS feed as local HTML documents, which allows remote attackers to execute arbitrary script in Internet Explorer's Local Machine Zone via a crafted feed, aka SPR RGAU7RDJ9K. El widget RSS reader en Lotus Notes de IBM versiones 8.0 y 8.5, guarda elementos de una fuente RSS como documentos HTML locales, lo que permite a los atacantes remotos ejecutar scripts arbitrarios en la Local Machine Zone de Internet Explorer por medio de un feed d... • http://secunia.com/advisories/36813 • CWE-94: Improper Control of Generation of Code ('Code Injection') •