CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2000-0891
https://notcve.org/view.php?id=CVE-2000-0891
A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email. • http://www.kb.cert.org/vuls/id/5962 http://www.notes.net/R5FixList.nsf/Search%21SearchView&Query=CBAT45TU9S https://exchange.xforce.ibmcloud.com/vulnerabilities/5045 •
CVSS: 7.5EPSS: 8%CPEs: 6EXPL: 0CVE-2000-1138
https://notcve.org/view.php?id=CVE-2000-1138
Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected. • http://marc.info/?l=bugtraq&m=97370725220953&w=2 http://www.securityfocus.com/bid/1925 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2000-1117
https://notcve.org/view.php?id=CVE-2000-1117
The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method. • http://archives.neohapsis.com/archives/bugtraq/2000-11/0341.html http://www.securityfocus.com/bid/1994 • CWE-203: Observable Discrepancy •