Page 7 of 39 results (0.007 seconds)

CVSS: 5.0EPSS: 7%CPEs: 14EXPL: 0

Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (application crash) via multiple vectors, involving (1) a malformed message sent to an "Out Of Office" agent (SPR LPEE6DMQWJ), (2) the compact command (RTIN5U2SAJ), (3) malformed bitmap images (MYAA6FH5HW), (4) the "Delete Attachment" action (YPHG6844LD), (5) parsing certificates from a remote Certificate Table (AELE6DZFJW), and (6) creating a SSL key ring with the Domino Administration client (NSUA4FQPTN). • http://secunia.com/advisories/18328 http://www-1.ibm.com/support/docview.wss?uid=swg27007054 http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/258394eaa824f2c08525708a004209d3?OpenDocument http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/040482aeb1416bb7852570e4001badd6?OpenDocument http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/2bb4f466a9e986ae852570e4001babbb?OpenDocument http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/4118a1f266afb26c852570e4001baf5e? •

CVSS: 5.0EPSS: 1%CPEs: 14EXPL: 0

Buffer overflow in IBM Lotus Notes and Domino Server before 6.5.5 allows attackers to cause a denial of service (router crash or hang) via unspecified vectors involving "CD to MIME Conversion". • http://secunia.com/advisories/18328 http://www-1.ibm.com/support/docview.wss?uid=swg27007054 http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument http://www.securityfocus.com/bid/16158 http://www.vupen.com/english/advisories/2006/0081 https://exchange.xforce.ibmcloud.com/vulnerabilities/24205 •

CVSS: 9.3EPSS: 95%CPEs: 14EXPL: 0

Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file with a long filename handled by kvarcve.dll, (3) a TAR archive with a long filename that is extracted to a directory with a long path handled by the TAR reader (tarrdr.dll), (4) an email that contains a long HTTP, FTP, or // link handled by the HTML speed reader (htmsr.dll) or (5) an email containing a crafted long link handled by the HTML speed reader (htmsr.dll). • http://secunia.com/advisories/16100 http://secunia.com/advisories/16280 http://secunia.com/secunia_research/2005-32/advisory http://secunia.com/secunia_research/2005-34/advisory http://secunia.com/secunia_research/2005-36/advisory http://secunia.com/secunia_research/2005-37/advisory http://secunia.com/secunia_research/2005-66/advisory http://securitytracker.com/id?1015657 http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918 http://www.kb.cert.org/vuls/id/884076 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 2%CPEs: 14EXPL: 0

Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a (1) ZIP, (2) UUE or (3) TAR archive that contains a .. (dot dot) in the filename, which is not properly handled when generating a preview. • http://secunia.com/advisories/16100 http://secunia.com/advisories/16280 http://secunia.com/secunia_research/2005-30/advisory http://secunia.com/secunia_research/2005-66/advisory http://securitytracker.com/id?1015657 http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918 http://www.osvdb.org/23066 http://www.securityfocus.com/archive/1/424717/100/0/threaded http://www.securityfocus.com/bid/16576 http://www.vupen.com/english/advisories/2006/0500 https://exchang • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 4.6EPSS: 0%CPEs: 9EXPL: 0

Buffer overflow in the Lotus Notes client for Domino 6.5 before 6.5.4 and 6.0 before 6.0.5 allows local users to cause a denial of service (client crash) and possibly execute arbitrary code via the NOTES.INI file. • http://secunia.com/advisories/1013841 http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21202526 http://www.osvdb.org/15367 http://www.securityfocus.com/bid/13447 https://exchange.xforce.ibmcloud.com/vulnerabilities/20044 •