Page 4 of 20 results (0.003 seconds)

CVSS: 3.5EPSS: 0%CPEs: 5EXPL: 0

IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696. IBM Lotus Notes 5.x hasta 7.0.2 permite a administradores autenticados remotamente, con la intervención del usuario, obtener una contraseña en texto claro de notes.id estableciendo las variables de depuración de notes.ini (1) KFM_ShowEntropy y (2) Debug_Outfile, una vulnerabilidad diferente de CVE-2005-2696. • http://securitytracker.com/id?1018433 http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21266085 http://www.heise-security.co.uk/news/92958 •

CVSS: 7.5EPSS: 4%CPEs: 20EXPL: 0

Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0. Desbordamiento de búfer en la capacidad ZIP de múltiples productos permite a atacantes remotos causar una denegación de servicio o ejecutar código arbitrario mediante ficheros ZIP que contienen nombres de ficheros largos, incluyendo Microsoft Windows 98 con el paquete Plus! Windows XP Windows Me Lotus Notes R4 a R6 (pre-gold) Verity KeyView, y Stuffit Expander antes de 7.0. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html http://marc.info/?l=bugtraq&m=103428193409223&w=2 http://securityreason.com/securityalert/587 http://www.info-zip.org/FAQ.html http://www.info.apple.com/usen/security/security_updates.html http://www.iss.net/security_center/static/10251.php http://www.kb.cert.org/vuls/id/383779 http://www.securityfocus.com/bid/5873 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054 •

CVSS: 7.5EPSS: 4%CPEs: 2EXPL: 0

Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail message. • http://www.securityfocus.com/archive/1/221986 http://www.securityfocus.com/archive/1/222212 http://www.securityfocus.com/bid/3458 https://exchange.xforce.ibmcloud.com/vulnerabilities/7323 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email. • http://www.kb.cert.org/vuls/id/5962 http://www.notes.net/R5FixList.nsf/Search%21SearchView&Query=CBAT45TU9S https://exchange.xforce.ibmcloud.com/vulnerabilities/5045 •

CVSS: 7.5EPSS: 8%CPEs: 6EXPL: 0

Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected. • http://marc.info/?l=bugtraq&m=97370725220953&w=2 http://www.securityfocus.com/bid/1925 •