Page 7 of 35 results (0.009 seconds)

CVSS: 2.1EPSS: 0%CPEs: 9EXPL: 0

HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6.5.4 and 6.0.x before 6.0.5 allows attackers to poison the web cache via malicious applications. • http://secunia.com/advisories/14879 http://securitytracker.com/id?1013839 http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21202437 http://www.kb.cert.org/vuls/id/699798 http://www.osvdb.org/15365 https://exchange.xforce.ibmcloud.com/vulnerabilities/20045 •

CVSS: 5.0EPSS: 4%CPEs: 10EXPL: 1

Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before 6.0.5 allows remote attackers to cause a denial of service (crash) via unknown vectors related to Java applets, as identified by KSPR62F4KN. • https://www.exploit-db.com/exploits/24275 http://secunia.com/advisories/12046 http://www-1.ibm.com/support/docview.wss?rs=475&context=SSKTWP&q1=Java&uid=swg21173910&loc=en_US&cs=utf-8&lang=en http://www.osvdb.org/8418 http://www.securityfocus.com/bid/10704 •

CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0

Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 and 6.0.x before 6.0.5 have unknown impact and attack vectors, related to Java applets, as identified by (1) KSPR5YS6GR and (2) KSPR62F4D3. • http://secunia.com/advisories/12046 http://www-1.ibm.com/support/docview.wss?rs=475&context=SSKTWP&q1=Java&uid=swg21173910&loc=en_US&cs=utf-8&lang=en http://www.osvdb.org/8416 http://www.osvdb.org/8417 http://www.securityfocus.com/bid/10704 •

CVSS: 10.0EPSS: 72%CPEs: 2EXPL: 1

Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe. Vulnerabilidad de inyección de argumentos en IBM Lotus Notes 6.0.3 y 6.5 permite a atacantes remotos ejecutar código de su eleccion mediante una URI notes: que usa un nombre de ruta de red UNC para proveer un fichero de configuración notes.ini alternativo a notes.exe. • http://marc.info/?l=bugtraq&m=108843896506099&w=2 http://www-1.ibm.com/support/docview.wss?rs=475/context=SSKTWP&uid=swg21169510 http://www.idefense.com/application/poi/display?id=111&type=vulnerabilities http://www.securityfocus.com/bid/10600 https://exchange.xforce.ibmcloud.com/vulnerabilities/16496 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •

CVSS: 7.5EPSS: 4%CPEs: 20EXPL: 0

Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0. Desbordamiento de búfer en la capacidad ZIP de múltiples productos permite a atacantes remotos causar una denegación de servicio o ejecutar código arbitrario mediante ficheros ZIP que contienen nombres de ficheros largos, incluyendo Microsoft Windows 98 con el paquete Plus! Windows XP Windows Me Lotus Notes R4 a R6 (pre-gold) Verity KeyView, y Stuffit Expander antes de 7.0. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html http://marc.info/?l=bugtraq&m=103428193409223&w=2 http://securityreason.com/securityalert/587 http://www.info-zip.org/FAQ.html http://www.info.apple.com/usen/security/security_updates.html http://www.iss.net/security_center/static/10251.php http://www.kb.cert.org/vuls/id/383779 http://www.securityfocus.com/bid/5873 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054 •