CVE-2013-0595
https://notcve.org/view.php?id=CVE-2013-0595
Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3. Múltiples vulnerabilidades de cross-site scripting (XSS) en iNotes v8.5.x en IBM Lotus Domino v8.5 anterior a v8.5.3 FP5, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados, también conocido como SPR PTHN95XNR3. • http://www-01.ibm.com/support/docview.wss?uid=swg21647740 https://exchange.xforce.ibmcloud.com/vulnerabilities/83431 https://www-01.ibm.com/support/docview.wss?uid=swg21671622 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-0590
https://notcve.org/view.php?id=CVE-2013-0590
Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0591. Vulnerabilidad Cross-site scripting (XSS) en iNotes v8.5.x en IBM Lotus Domino v8.5 anterior a v8.5.3 FP5, permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML a través de vectores no especificados, también conocido como SPR PTHN95XNR3, una vulnerabilidad diferente a CVE-2013-0591. • http://www-01.ibm.com/support/docview.wss?uid=swg21647740 https://exchange.xforce.ibmcloud.com/vulnerabilities/83814 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-0591
https://notcve.org/view.php?id=CVE-2013-0591
Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0590. Vulnerabilidad Cross-site scripting (XSS) en iNotes v8.5.x en IBM Lotus Domino v8.5 anterior a v8.5.3 FP5, permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML a través de vectores no especificados, también conocido como SPR PTHN95XNR3, una vulnerabilidad diferente a CVE-2013-0590. • http://www-01.ibm.com/support/docview.wss?uid=swg21647740 https://exchange.xforce.ibmcloud.com/vulnerabilities/83381 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-3027 – IBM Lotus iNotes ActiveX Control Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3027
Integer overflow in the DWA9W ActiveX control in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to execute arbitrary code via a crafted web page, aka SPR PTHN97XHFW. Desbordamiento de entero en el control ActiveX DWA9W en iNotes en IBM Domino v9.0 anterior a IF3 permite a atacantes remotos ejecutar código arbitrario a través de una página web diseñada, también conocido como SPR PTHN97XHFW. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus iNotes. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of user provided input in ActiveX controls. An integer overflow exists which leads to a heap buffer overflow. • http://www-01.ibm.com/support/docview.wss?uid=swg21644599 http://www-01.ibm.com/support/docview.wss?uid=swg21645503 https://exchange.xforce.ibmcloud.com/vulnerabilities/84381 • CWE-189: Numeric Errors •
CVE-2013-3032
https://notcve.org/view.php?id=CVE-2013-3032
Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN986NAA. Vulnerabilidad Cross-site scripting (XSS) en la funcionalidad MIME e-mail en iNotes en IBM Domino v9.0 anterior a IF3 permite a atacantes remotos inyectar código script o HTML a través de vectores sin especificar, también conocido como SPR PTHN986NAA. • http://www-01.ibm.com/support/docview.wss?uid=swg21644599 http://www-01.ibm.com/support/docview.wss?uid=swg21645503 https://exchange.xforce.ibmcloud.com/vulnerabilities/84622 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •