Page 56 of 290 results (0.006 seconds)

CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 0

Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass the intended Reader and Author access list for a document's object via a Notes API call (NSFDbReadObject) that directly accesses the object. Los servidores Lotus Domino 5.x, 4.6x y 4.5x permiten a atacantes evadir la lista acceso de autores y lectores de un objeto mediante una llamada a la API (interfaz de programación) de Notes que accede directamente al objeto. • http://archives.neohapsis.com/archives/bugtraq/2001-09/0147.html http://archives.neohapsis.com/archives/bugtraq/2001-09/0150.html http://www.iss.net/security_center/static/10095.php http://www.kb.cert.org/vuls/id/657899 •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

Buffer overflow in bindsock in Lotus Domino 5.0.4 and 5.0.7 on Linux allows local users to gain root privileges via a long (1) Notes_ExecDirectory or (2) PATH environment variable. Desbordamiento de buffer en bindsock en Lotus Domino 5.0.4 a 5.0.7 en Linux permite a usuarios locales ganar privilegios de root mediante Notes_ExecDirectoryVariable de entorno PATHlargos. • http://www-1.ibm.com/support/docview.wss?uid=swg21095569 http://www-1.ibm.com/support/docview.wss?uid=swg21100441 http://www.esecurityonline.com/advisories/eSO4124.asp http://www.esecurityonline.com/advisories/eSO4126.asp http://www.securityfocus.com/bid/4317 http://www.securityfocus.com/bid/4319 https://exchange.xforce.ibmcloud.com/vulnerabilities/8583 https://exchange.xforce.ibmcloud.com/vulnerabilities/8585 •

CVSS: 7.5EPSS: 4%CPEs: 2EXPL: 0

Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail message. • http://www.securityfocus.com/archive/1/221986 http://www.securityfocus.com/archive/1/222212 http://www.securityfocus.com/bid/3458 https://exchange.xforce.ibmcloud.com/vulnerabilities/7323 •

CVSS: 5.0EPSS: 0%CPEs: 12EXPL: 0

Lotus Domino server 5.0.9a and earlier allows remote attackers to bypass security restrictions and view Notes database files and possibly sensitive Notes template files (.ntf) via an HTTP request with a large number of "+" characters before the .nsf file extension, which are converted to spaces by Domino. • http://marc.info/?l=bugtraq&m=101284222932568&w=2 http://marc.info/?l=bugtraq&m=101285903120879&w=2 http://marc.info/?l=bugtraq&m=101286525008089&w=2 http://www.iss.net/security_center/static/8072.php http://www.nextgenss.com/papers/hpldws.pdf http://www.securityfocus.com/bid/4022 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

The default configuration of Lotus Domino server 5.0.8 includes system information (version, operating system, and build date) in the HTTP headers of replies, which allows remote attackers to obtain sensitive information. • http://marc.info/?l=bugtraq&m=100094373621813&w=2 http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/5552251934afaa9585256c0000737a7f?OpenDocument&Highlight=0%2CAWHN4A8QWM http://www.kb.cert.org/vuls/id/984555 https://exchange.xforce.ibmcloud.com/vulnerabilities/10685 •