CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2010-4552
https://notcve.org/view.php?id=CVE-2010-4552
16 Dec 2010 — Memory leak in IBM Lotus Notes Traveler before 8.5.1.1 allows remote attackers to cause a denial of service (memory consumption and daemon outage) by sending many embedded objects in e-mail messages for iPhone clients. Pérdida de memoria en IBM Lotus Notes Traveler antes v8.5.1.1 permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y corte de demonio) mediante el envío de muchos objetos incrustados en mensajes de correo electrónico para los clientes de iPhone. • http://www-1.ibm.com/support/docview.wss?uid=swg1LO46561 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2010-4553
https://notcve.org/view.php?id=CVE-2010-4553
16 Dec 2010 — An unspecified Domino API in IBM Lotus Notes Traveler before 8.5.1.1 does not properly handle MIME types, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. API Domino no especificado en IBM Lotus Notes Traveler anterior a v8.5.1.1 no maneja correctamente los tipos MIME, lo cual permite a un atacante remoto provocar una denegación de servicio (caída del demonio) mediante vectores no especificados. • http://www-1.ibm.com/support/docview.wss?uid=swg1LO45478 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2010-1487
https://notcve.org/view.php?id=CVE-2010-1487
20 Apr 2010 — IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe, which allows local users to obtain sensitive information by examining this file, aka SPR JSTN837SEG. IBM Lotus Notes v7.0, v8.0, y v8.5 almacena credenciales administrativas en cleartext en SURunAs.exe, lo que permite a usuarios locales obtener información sensible examinando ese archivo, conocido como SPR JSTN837SEG. • http://secunia.com/advisories/39507 • CWE-255: Credentials Management Errors •
CVSS: 10.0EPSS: 2%CPEs: 31EXPL: 1CVE-2009-3032
https://notcve.org/view.php?id=CVE-2009-3032
05 Mar 2010 — Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow. Desbordamiento de entero en kvolefio.dll v8.5.0.8339 y v10.5.0.0 en Autonomy KeyView Filter SDK, tal y como se utiliza en IBM Lotus Notes v8.5, Symantec Mail Security... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 16%CPEs: 70EXPL: 0CVE-2009-3037
https://notcve.org/view.php?id=CVE-2009-3037
01 Sep 2009 — Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment. Desbordamiento de búfer en xlssr.dll en Autonomy KeyView XLS viewer(también conocido como File Viewer para Excel)usado en IBM Lotus Notes v5.x hasta v8.5.x, Symantec Ma... • http://secunia.com/advisories/36472 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 6%CPEs: 6EXPL: 0CVE-2008-1718
https://notcve.org/view.php?id=CVE-2008-1718
10 Apr 2008 — Buffer overflow in mimesr.dll in Autonomy (formerly Verity) KeyView, as used in IBM Lotus Notes before 8.0, might allow user-assisted remote attackers to execute arbitrary code via an e-mail message with a crafted Text mail (MIME) attachment. Desbordamiento de búfer en mimesr.dll en Autonomy (anteriormente Verity) KeyView, usado en IBM Lotus Notes anterior a 8.0, puede permitir a atacantes remotos asistidos por el usuario ejecutar código de su elección a través de un mensaje de correo electrónico con un adj... • http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 37%CPEs: 11EXPL: 0CVE-2007-5406
https://notcve.org/view.php?id=CVE-2007-5406
10 Apr 2008 — kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file. kpagrdr.dll 2.0.0.2 y 10.3.0.0 en el lector Applix Presents de Autonomy (anteriormente Verity) KeyView, usado por IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter... • http://secunia.com/advisories/27763 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-6594
https://notcve.org/view.php?id=CVE-2007-6594
28 Dec 2007 — IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak permissions for the installation kit obtained through a Notes 8 download and (2) 0777 permissions for the installdata file that is created by setup.sh, which allows local users to gain privileges via a Trojan horse file. IBM Lotus Notes 8 para Linux anterior a 9.0.1 usa (1) permisos débiles no especificados para el kit de instalación obtenido a través de la descarga de Notes 8 y (2) permisos 0777 para el archivo installdata que crea setup.sh... • http://osvdb.org/40933 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.4EPSS: 30%CPEs: 20EXPL: 0CVE-2002-0370
https://notcve.org/view.php?id=CVE-2002-0370
05 Oct 2002 — Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0. Desbordamiento de búfer en la capacidad ZIP de múltiples productos permite a atacantes remotos causar una denegación de servicio o ejecu... • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html •