Page 5 of 22 results (0.003 seconds)

CVSS: 10.0EPSS: 15%CPEs: 3EXPL: 0

Stack-based buffer overflow in IBM Lotus Notes 8.5 and 8.5fp1, and possibly other versions, allows remote attackers to execute arbitrary code via unknown attack vectors, as demonstrated by the vd_ln module in VulnDisco 9.0. NOTE: as of 20100222, this disclosure has no actionable information. However, because the VulnDisco author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Desbordamiento de búfer basado en pila en IBM Lotus Notes v8.5 y v8.5fp1, y posiblemente otras versiones, permite a atacantes remotos ejecutar código arbitrario a través de vectores de ataque desconocidos, como lo demuestra el módulo vd_ln en VulnDisco v9.0. NOTA: a 22/02/2010, esta revelación no tiene información de acciones concretas. • http://secunia.com/advisories/38622 http://www.securityfocus.com/bid/38300 https://exchange.xforce.ibmcloud.com/vulnerabilities/58322 https://forum.immunityinc.com/board/thread/1161/vulndisco-9-0 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14489 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 4%CPEs: 20EXPL: 0

Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0. Desbordamiento de búfer en la capacidad ZIP de múltiples productos permite a atacantes remotos causar una denegación de servicio o ejecutar código arbitrario mediante ficheros ZIP que contienen nombres de ficheros largos, incluyendo Microsoft Windows 98 con el paquete Plus! Windows XP Windows Me Lotus Notes R4 a R6 (pre-gold) Verity KeyView, y Stuffit Expander antes de 7.0. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html http://marc.info/?l=bugtraq&m=103428193409223&w=2 http://securityreason.com/securityalert/587 http://www.info-zip.org/FAQ.html http://www.info.apple.com/usen/security/security_updates.html http://www.iss.net/security_center/static/10251.php http://www.kb.cert.org/vuls/id/383779 http://www.securityfocus.com/bid/5873 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054 •