CVE-2008-1718
https://notcve.org/view.php?id=CVE-2008-1718
Buffer overflow in mimesr.dll in Autonomy (formerly Verity) KeyView, as used in IBM Lotus Notes before 8.0, might allow user-assisted remote attackers to execute arbitrary code via an e-mail message with a crafted Text mail (MIME) attachment. Desbordamiento de búfer en mimesr.dll en Autonomy (anteriormente Verity) KeyView, usado en IBM Lotus Notes anterior a 8.0, puede permitir a atacantes remotos asistidos por el usuario ejecutar código de su elección a través de un mensaje de correo electrónico con un adjunto (MIME) manipulado. • http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453 https://exchange.xforce.ibmcloud.com/vulnerabilities/41856 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-5406
https://notcve.org/view.php?id=CVE-2007-5406
kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file. kpagrdr.dll 2.0.0.2 y 10.3.0.0 en el lector Applix Presents de Autonomy (anteriormente Verity) KeyView, usado por IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, no parsea adecuadamente los token largos, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y CPU) a través de un fichero .ag manipulado. • http://secunia.com/advisories/27763 http://secunia.com/advisories/28140 http://secunia.com/advisories/28209 http://secunia.com/advisories/28210 http://secunia.com/advisories/29342 http://secunia.com/secunia_research/2007-95/advisory http://secunia.com/secunia_research/2007-96/advisory http://secunia.com/secunia_research/2007-97/advisory http://secunia.com/secunia_research/2007-98/advisory http://securitytracker.com/id?1019805 http://www.securityfocus.com/archive/1/490825/100/0& •
CVE-2007-6594
https://notcve.org/view.php?id=CVE-2007-6594
IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak permissions for the installation kit obtained through a Notes 8 download and (2) 0777 permissions for the installdata file that is created by setup.sh, which allows local users to gain privileges via a Trojan horse file. IBM Lotus Notes 8 para Linux anterior a 9.0.1 usa (1) permisos débiles no especificados para el kit de instalación obtenido a través de la descarga de Notes 8 y (2) permisos 0777 para el archivo installdata que crea setup.sh, lo cual permite a usuarios locales obtener privilegios mediante un archivo troyano (Trojan horse file). • http://osvdb.org/40933 http://osvdb.org/40934 http://secunia.com/advisories/27860 http://securitytracker.com/id?1019009 http://www-1.ibm.com/support/docview.wss?uid=swg21289273 http://www.vupen.com/english/advisories/2007/4037 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2002-0370
https://notcve.org/view.php?id=CVE-2002-0370
Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0. Desbordamiento de búfer en la capacidad ZIP de múltiples productos permite a atacantes remotos causar una denegación de servicio o ejecutar código arbitrario mediante ficheros ZIP que contienen nombres de ficheros largos, incluyendo Microsoft Windows 98 con el paquete Plus! Windows XP Windows Me Lotus Notes R4 a R6 (pre-gold) Verity KeyView, y Stuffit Expander antes de 7.0. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html http://marc.info/?l=bugtraq&m=103428193409223&w=2 http://securityreason.com/securityalert/587 http://www.info-zip.org/FAQ.html http://www.info.apple.com/usen/security/security_updates.html http://www.iss.net/security_center/static/10251.php http://www.kb.cert.org/vuls/id/383779 http://www.securityfocus.com/bid/5873 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054 •