CVSS: 9.3EPSS: 88%CPEs: 11EXPL: 0CVE-2007-5909 – Verity KeyView SDK Multiple File Format Parsing Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-5909
Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910. Múltiples desbordamientos de búfer basados en pila en el Autonomy (antiguamente Verity) KeyView Viewer, en el Filter y en el Export SDK anterior al 9.2.0.12, como el utilizado en el ActivePDF DocConverter, en el IBM Lotus Notes anterior al 7.0.3, en el Symantec Mail Security y en otros productos, permiten a atacantes remotos ejecutar código de su elección a través de modificaciones en (1) el fichero AG del kpagrdr.dll, (2) en el fichero AW del awsr.dll, (3) en el fichero DLL o el (4) EXE del exesr.dll, (5) en el fichero DOC del mwsr.dll, (6) en el fichero MIF del mifsr.dll, (7) en el fichero SAM del lasr.dll o (8) en el fichero RTF del rtfsr.dll. NOTA: el vector WPD (wp6sr.dll) se trata en la vulnerabilidad CVE-2007-5910. Several vulnerabilities exist in the popular Verity KeyView SDK used in many enterprise applications like IBM Lotus Notes. • http://secunia.com/advisories/27304 http://securityreason.com/securityalert/3357 http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html http://securitytracker.com/id?1018853 http://securitytracker.com/id?1018886 http://vuln.sg/lotusnotes702-en.html http://vuln.sg/lotusnotes702doc-en.html http://vuln.sg/lotusnotes702mif-en.html http://vuln.sg/lotusnotes702sam-en.html http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111 http://www-1.ibm.com/suppor • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 82%CPEs: 1EXPL: 0CVE-2007-4222
https://notcve.org/view.php?id=CVE-2007-4222
Buffer overflow in the TagAttributeListCopy function in nnotes.dll in IBM Lotus Notes before 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML email, related to duplicate RTF conversion when the recipient operates on this email. Desbordamiento de búfer en la función TagAttributeListCopy en nnotes.dll de BM Lotus Notes versiones anteriores a 7.0.3 permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante un correo electrónico HTML manipulado, relativo a duplicar una conversión RTF cuando el destinatario opera con este correo electrónico. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=604 http://www-1.ibm.com/support/docview.wss?rs=477&uid=swg21272930 http://www.securityfocus.com/bid/26200 http://www.securitytracker.com/id?1018857 https://exchange.xforce.ibmcloud.com/vulnerabilities/37363 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2007-5544
https://notcve.org/view.php?id=CVE-2007-5544
IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session. IBM Lotus Notes versiones anteriores 6.5.6, y 7.x versiones anteriores a 7.0.3; y Domino versiones anteriores 6.5.5 FP3, y 7.x versiones anteriores 7.0.2 FP1; utiliza permisos débiles (Control Total:Todos) para ficheros mapeados en memoria (memoria compartida) en IPC, lo cual permite a usuarios locales obtener información confidencial, o inyectar Lotus Script u otras secuencias de caracteres en una sesión. • http://secunia.com/advisories/27321 http://www-1.ibm.com/support/docview.wss?uid=swg21257030 http://www.securityfocus.com/bid/26146 http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-013.txt http://www.vupen.com/english/advisories/2007/3598 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 3.5EPSS: 0%CPEs: 5EXPL: 0CVE-2007-4309
https://notcve.org/view.php?id=CVE-2007-4309
IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696. IBM Lotus Notes 5.x hasta 7.0.2 permite a administradores autenticados remotamente, con la intervención del usuario, obtener una contraseña en texto claro de notes.id estableciendo las variables de depuración de notes.ini (1) KFM_ShowEntropy y (2) Debug_Outfile, una vulnerabilidad diferente de CVE-2005-2696. • http://securitytracker.com/id?1018433 http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21266085 http://www.heise-security.co.uk/news/92958 •
CVSS: 5.0EPSS: 0%CPEs: 16EXPL: 1CVE-2006-5835
https://notcve.org/view.php?id=CVE-2006-5835
The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 6.5.5 FP2 and 7.x before 7.0.2 does not require authentication to perform user lookups, which allows remote attackers to obtain the user ID file. El protocolo de Notes Remote Procedure Call (NRPC) en el IBM Lotus Notes Domino en versiones anteriores a la 6.5.5 FP2 y 7.x antes de la 7.0.2 no requiere autenticación para realizar búsqueda de usuarios, lo que permite a atacantes remotos la obtención de los ficheros de identificación (ID) de los usuarios. • http://secunia.com/advisories/22741 http://securitytracker.com/id?1017203 http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21248026 http://www.fortconsult.net/images/pdf/lotusnotes_keyfiles.pdf http://www.securityfocus.com/bid/20960 http://www.vupen.com/english/advisories/2006/4411 https://exchange.xforce.ibmcloud.com/vulnerabilities/30118 •