CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2005-1442
https://notcve.org/view.php?id=CVE-2005-1442
03 May 2005 — Buffer overflow in the Lotus Notes client for Domino 6.5 before 6.5.4 and 6.0 before 6.0.5 allows local users to cause a denial of service (client crash) and possibly execute arbitrary code via the NOTES.INI file. • http://secunia.com/advisories/1013841 •
CVSS: 7.5EPSS: 3%CPEs: 10EXPL: 1CVE-2004-2280 – IBM Lotus Notes 6.0/6.5 - Multiple Java Applet Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-2280
31 Dec 2004 — Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before 6.0.5 allows remote attackers to cause a denial of service (crash) via unknown vectors related to Java applets, as identified by KSPR62F4KN. • https://www.exploit-db.com/exploits/24275 •
CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0CVE-2004-2281
https://notcve.org/view.php?id=CVE-2004-2281
31 Dec 2004 — Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 and 6.0.x before 6.0.5 have unknown impact and attack vectors, related to Java applets, as identified by (1) KSPR5YS6GR and (2) KSPR62F4D3. • http://secunia.com/advisories/12046 •
CVSS: 10.0EPSS: 19%CPEs: 2EXPL: 1CVE-2004-0480
https://notcve.org/view.php?id=CVE-2004-0480
30 Jun 2004 — Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe. Vulnerabilidad de inyección de argumentos en IBM Lotus Notes 6.0.3 y 6.5 permite a atacantes remotos ejecutar código de su eleccion mediante una URI notes: que usa un nombre de ruta de red UNC para proveer un fichero de configuración notes.ini alternativo a notes.exe. • http://marc.info/?l=bugtraq&m=108843896506099&w=2 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 8.4EPSS: 30%CPEs: 20EXPL: 0CVE-2002-0370
https://notcve.org/view.php?id=CVE-2002-0370
05 Oct 2002 — Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0. Desbordamiento de búfer en la capacidad ZIP de múltiples productos permite a atacantes remotos causar una denegación de servicio o ejecu... • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html •
CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 0CVE-2001-1504
https://notcve.org/view.php?id=CVE-2001-1504
31 Dec 2001 — Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail message. • http://www.securityfocus.com/archive/1/221986 •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 1CVE-2000-0891
https://notcve.org/view.php?id=CVE-2000-0891
21 Jul 2001 — A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email. • http://www.kb.cert.org/vuls/id/5962 •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2000-1138
https://notcve.org/view.php?id=CVE-2000-1138
19 Dec 2000 — Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected. • http://marc.info/?l=bugtraq&m=97370725220953&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-1999-0429
https://notcve.org/view.php?id=CVE-1999-0429
01 Mar 1999 — The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the "Encrypt Saved Mail" preference. • http://marc.info/?l=bugtraq&m=92221437025743&w=2 •