NotCVE - vendor:"Ibm" product:"Lotus Domino"

Page 8 of 130 results (0.011 seconds)

CVSS: 7.5EPSS: 4%CPEs: 4EXPL: 2

CVE-2009-1286

https://notcve.org/view.php?id=CVE-2009-1286

13 Apr 2009 — The IMAP task in the server in IBM Lotus Domino 8.0.2 before FP1 IF1 and 8.5 before IF3 allows remote attackers to cause a denial of service (daemon crash) via a MIME e-mail message with RFC822 attachments (aka blobs) containing malformed root entities. Vulnerabilidad en la tarea de servidor IMAP en IBM Lotus Domino v8.0.2 anterior a FP1 IF1 y v8.5 anterior IF3 permite a usuarios remotos causar una denegación de servicio (caída del servicio) a través de un mensaje de e-mail MIME con adjuntos RFC822 (o blobs... • http://secunia.com/advisories/34657 •

CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0

CVE-2008-5011

https://notcve.org/view.php?id=CVE-2008-5011

10 Nov 2008 — Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to qpconfig_sample.xml, aka SPR CWIR7KMPVP and THES7F9NVR, a different vulnerability than CVE-2008-2163 and CVE-2008-3860. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Lotus Connections v2.x anterior a v2.0.1 de IBM Lotus Quickr v8.1 anteriores a v8.1.0.2... • http://osvdb.org/49777 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 95%CPEs: 5EXPL: 1

CVE-2008-2240 – IBM Lotus Domino Web Server - Accept-Language Stack Buffer Overflow

https://notcve.org/view.php?id=CVE-2008-2240

22 May 2008 — Stack-based buffer overflow in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long Accept-Language HTTP header. Desbordamiento de búfer basado en pila en el Servicio Web Server en IBM Lotus Domino anterior a 7.0.3 FP1 y 8.x anterior a 8.0.1, permite a atacantes remotos provocar una denegación de servicio (caída de demonio) o la posibilidad de ejecutar código de su ... • https://www.exploit-db.com/exploits/16697 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0

CVE-2008-2410

https://notcve.org/view.php?id=CVE-2008-2410

22 May 2008 — Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en el motor de servlets y el contenedor Web en el servicio Web Server de IBM Lotus Domino anterior a 7.0.3 FP1 y 8.x anterior al 8.0.1, permite a usuarios autenticados remotamente in... • http://secunia.com/advisories/30310 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2008-0243

https://notcve.org/view.php?id=CVE-2008-0243

12 Jan 2008 — Unspecified vulnerability in Lotus Domino 7.0.2 before Fix Pack 3 allows attackers to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en Lotus Domino 7.0.2, en versiones anteriores a la Fix Pack 3, permite que atacantes remotos provoquen una denegación de servicio a través de vectores desconocidos. • http://secunia.com/advisories/28411 •

CVSS: 9.3EPSS: 93%CPEs: 17EXPL: 6

CVE-2007-4474 – IBM Domino Web Access 7.0 Upload Module - 'inotes6.dll' Remote Buffer Overflow

https://notcve.org/view.php?id=CVE-2007-4474

27 Dec 2007 — Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1. Múltiples desbordamientos de búfer basado en pila en el control ActiveX IBM Lotus Dom... • https://www.exploit-db.com/exploits/4818 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0

CVE-2007-5924

https://notcve.org/view.php?id=CVE-2007-5924

10 Nov 2007 — Cross-site scripting (XSS) vulnerability in the Web Server (HTTP) task in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.2 FP2, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la tarea del Servidor Web (HTTP) en el IBM Lotus Domino anterior al 6.5.6 FP2 y el 7.x anterior al 7.0.2 FP2, permite a atacantes remotos autenticados la inyección de secuencias de comandos web o HTML de su ele... • http://jvn.jp/jp/JVN%2384565055/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0

CVE-2007-5700

https://notcve.org/view.php?id=CVE-2007-5700

29 Oct 2007 — The Evaluate LotusScript method in IBM Lotus Domino before 7.0.3 uses an incorrect security context for @ formula commands in some circumstances, which might allow remote authenticated users to gain privileges and obtain sensitive information. El método Evaluate LotusScript de IBM Lotus Domino versiones anteriores a 7.0.3 utiliza un contexto de seguridad incorrecto para comandos de fórumla @ en algunas circustancias, lo cual podría permitir a usuarios remotos autenticados obtener privilegios y conseguir inf... • http://osvdb.org/40951 •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2007-5544

https://notcve.org/view.php?id=CVE-2007-5544

29 Oct 2007 — IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session. IBM Lotus Notes versiones anteriores 6.5.6, y 7.x versiones anteriores a 7.0.3; y Domino versiones anteriores 6.5.5 FP3, y 7.x versiones anteriores 7.0.2 FP1; utiliza permisos débiles (... • http://secunia.com/advisories/27321 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 9.0EPSS: 70%CPEs: 10EXPL: 0

CVE-2007-3510

https://notcve.org/view.php?id=CVE-2007-3510

29 Oct 2007 — Buffer overflow in the IMAP service in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.3, allows remote authenticated users to execute arbitrary code via a long mailbox name. Desbordamiento de búfer en el servicio IMAP de IBM Lotus Domino versiones anteriores a 6.5.6 FP2, y 7.x versiones anteriores a 7.0.3, permite a usuarios remotos autenticados ejecutar código de su elección mediante un nombre de buzón de correo largo. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=605 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

1...6 7 8 9 10